pc infectado

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:51:56, on 14/02/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Positivo\Deskmedia\Posibar\Posibar.exe
C:\Program Files (x86)\YTDownloader\YTDownloader.exe
C:\Program Files (x86)\OEM\IPM 1.9.9\IPM.exe
C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.exe
C:\Program Files (x86)\Umtayyznhndq1ntz\mtuyntm5ndy1yjy.exe
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
C:\Users\emle\AppData\Local\SmartWeb\SmartWebHelper.exe
C:\Program Files (x86)\gmsd_br_208\gmsd_br_208.exe
C:\Users\emle\AppData\Local\SmartWeb\SmartWebApp.exe
E:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:64148;https=127.0.0.1:64148
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Good 1.0.0.7 - {2dd0916f-60de-4413-8198-d3c9d9b959d1} - C:\Program Files (x86)\Browser Good\BrowserGoodbho.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll
O2 - BHO: CheckMeUp - {61A0B400-4D5B-BEC1-3667-5A9EA66184F6} - C:\Program Files (x86)\ver3CheckMeUp\188.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll
O3 - Toolbar: Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [mbot_br_558] "C:\Program Files (x86)\mbot_br_558\mbot_br_558.exe"
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKLM\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1361.0.0.0\jsdrv.exe
O4 - HKLM\..\Run: [mwyyntm1ndi1zdz] C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.exe
O4 - HKLM\..\Run: [CrashMon] "C:\Program Files (x86)\Umtayyznhndq1ntz\mtuyntm5ndy1yjy.exe" "UniversalUpdater" "http://log.data-url.com/crash/"
O4 - HKLM\..\Run: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKLM\..\Run: [SmartWeb] C:\Users\emle\AppData\Local\SmartWeb\SmartWebHelper.exe
O4 - HKLM\..\Run: [gmsd_br_208] "C:\Program Files (x86)\gmsd_br_208\gmsd_br_208.exe"
O4 - HKLM\..\RunOnce: [upmbot_br_558.exe] C:\Users\emle\AppData\Local\mbot_br_558\upmbot_br_558.exe -runonce
O4 - HKCU\..\Run: [SmartProtect] C:\ProgramData\SmartProtect\SmartProtect.exe
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1361.0.0.0\jsdrv.exe
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Startup: SmartWeb.lnk = C:\Users\emle\AppData\Local\SmartWeb\SmartWebHelper.exe
O4 - Global Startup: IPM.lnk = ?
O10 - Unknown file in Winsock LSP: c:\windows\system32\colormedia.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\colormedia.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\colormedia.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\colormedia.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\colormedia.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Users\emle\AppData\Local\Ap\MTResources\btmn.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Baidu Antivirus Service (BavSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavSvc.exe
O23 - Service: Baidu BdSandbox Virtual Service (BdSandboxSrv) - Unknown owner - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdSandboxSrv64.exe (file missing)
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: ColorMedia - Over the Rainbow Tech - C:\ProgramData\FlashBeat\ColorMedia.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe
O23 - Service: DeskmediaService - Positivo Informática - C:\Positivo\Deskmedia\DeskmediaService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlashBeat - Unknown owner - C:\ProgramData\FlashBeat\FlashBeat.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Internet Enhancer Service - Unknown owner - C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\InternetEnhancerService.exe
O23 - Service: Print Job Full Stop (juzimyho) - Unknown owner - C:\Users\emle\AppData\Roaming\VOPackage\nsi16DB.tmp
O23 - Service: JWgrlXOQbQ - Small Island Development - C:\ProgramData\laqdRDAZZsB\JWgrlXOQbQ.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MagnoPlayer Updater Service (MagnoPlayerUpdaterService) - Unknown owner - C:\Program Files (x86)\MagnoPlayer\MagnoPlayerUpdaterService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Xbmc Control Path (psvxbmc) - Unknown owner - C:\Fabricante\psvxbmc.exe
O23 - Service: Quick Ref 1.10.0.8 Client Service (qrsvc_1.10.0. - Quick Ref - C:\Program Files (x86)\QuickRef_1.10.0.8\Service\qrsvc.exe
O23 - Service: Quick Ref 1.10.0.9 Client Service (qrsvc_1.10.0.9) - Quick Ref - C:\Program Files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: JO Service component (serverjo) - Unknown owner - C:\Users\emle\AppData\Roaming\VOPackage\JOSrv.exe
O23 - Service: SU Service component (serversu) - Unknown owner - C:\Users\emle\AppData\Roaming\SoftwareUpdater\SUsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: ShopperPro Update (SPBIUpd) - ShopperPro - C:\Program Files\Common Files\ShopperPro\spbiu.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Stpro service (Stpro) - Unknown owner - C:\Program Files (x86)\Stpro\Stpro.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Universal Updater Service (UniversalUpdater) - Unknown owner - C:\Program Files (x86)\Umtayyznhndq1ntz\mwmyzjmzngu1mdy.exe
O23 - Service: Update Browser Good - Unknown owner - C:\Program Files (x86)\Browser Good\updateBrowserGood.exe
O23 - Service: Remote Service (Updater) - Unknown owner - C:\Users\emle\AppData\Local\Ap\Updater.exe
O23 - Service: Util Browser Good - Unknown owner - C:\Program Files (x86)\Browser Good\bin\utilBrowserGood.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: YTDUpdt - Goobzo - C:\PROGRA~2\YTDOWN~1\YTDUPD~1.EXE

--
End of file - 13855 bytes

Olá Smurff.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

# AdwCleaner v4.110 - Logfile created 14/02/2015 at 18:38:57
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 8.1 Connected Single Language (x64)
# Username : emle - EMILE
# Running from : C:\Users\emle\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : BackupStack
[#] Service Deleted : DatamngrCoordinator
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : sbmntr
Service Deleted : SPBIUpd
Service Deleted : SPBIUpdd
Service Deleted : UniversalUpdater
Service Deleted : WindowsMangerProtect
Service Deleted : ColorMedia
Service Deleted : IHProtect Service
Service Deleted : Internet Enhancer Service
Service Deleted : YTDUpdt
Service Deleted : serversu
Service Deleted : MagnoPlayerUpdaterService
Service Deleted : qrsvc_1.10.0.8
[#] Service Deleted : qrnfd_1_10_0_8
Service Deleted : {e65048d8-bd76-44ed-ac28-c25d339ab590}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\MovieWizard
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\MovieWizard
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\Packer
Folder Deleted : C:\ProgramData\29d766ff52c04ce0a51e1dbf5224735d
Folder Deleted : C:\ProgramData\cfb7e34302e345f9a579b07a7bc32829
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBestOffersToday
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagnoPlayer
Folder Deleted : C:\Program Files (x86)\AnyProtectEx
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\iWebar
[!] Folder Deleted : C:\Program Files (x86)\Movies App
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Object Browser
Folder Deleted : C:\Program Files (x86)\Wajam
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\XTab
Folder Deleted : C:\Program Files (x86)\QuickRef_1.10.0.8
Folder Deleted : C:\Program Files (x86)\MagnoPlayer
Folder Deleted : C:\Program Files (x86)\ver3CheckMeUp
Folder Deleted : C:\Program Files (x86)\gmsd_br_208
Folder Deleted : C:\Program Files (x86)\mbot_br_558
Folder Deleted : C:\Users\emle\AppData\Local\globalUpdate
Folder Deleted : C:\Users\emle\AppData\Local\CrashRpt
Folder Deleted : C:\Users\emle\AppData\Local\SmartWeb
Folder Deleted : C:\Users\emle\AppData\Local\MovieWizard
Folder Deleted : C:\Users\emle\AppData\Local\MagnoPlayer
Folder Deleted : C:\Users\emle\AppData\Local\gmsd_br_208
Folder Deleted : C:\Users\emle\AppData\Local\mbot_br_558
Folder Deleted : C:\Users\emle\AppData\LocalLow\SmartWeb
Folder Deleted : C:\Users\emle\AppData\Roaming\AnyProtectEx
Folder Deleted : C:\Users\emle\AppData\Roaming\SoftwareUpdater
Folder Deleted : C:\Users\emle\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\emle\AppData\Roaming\mystartsearch
Folder Deleted : C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Folder Deleted : C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
File Deleted : C:\Windows\patsearch.bin
File Deleted : C:\Users\emle\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Windows\System32\drivers\qrnfd_1_10_0_8.sys
File Deleted : C:\Windows\System32\drivers\{e65048d8-bd76-44ed-ac28-c25d339ab590}Gw64.sys
File Deleted : C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
File Deleted : C:\Users\emle\Desktop\AnyProtect.lnk

***** [ Scheduled tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : LaunchSignup
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : YTDownloader
Task Deleted : YTDownloaderUpd
Task Deleted : 384a2abd-84ad-4fbb-91bb-57738355afae-1-6
Task Deleted : 384a2abd-84ad-4fbb-91bb-57738355afae-1-7
Task Deleted : 384a2abd-84ad-4fbb-91bb-57738355afae-5
Task Deleted : 384a2abd-84ad-4fbb-91bb-57738355afae-5_user
Task Deleted : 41db03a1-006a-49ce-96ab-b86b7d539fe2-1-6
Task Deleted : 41db03a1-006a-49ce-96ab-b86b7d539fe2-1-7
Task Deleted : 41db03a1-006a-49ce-96ab-b86b7d539fe2-10_user
Task Deleted : 41db03a1-006a-49ce-96ab-b86b7d539fe2-5
Task Deleted : 41db03a1-006a-49ce-96ab-b86b7d539fe2-5_user
Task Deleted : fc8aea26-f6f5-4c71-9748-b3a304b9bc1f-1-6
Task Deleted : fc8aea26-f6f5-4c71-9748-b3a304b9bc1f-1-7
Task Deleted : fc8aea26-f6f5-4c71-9748-b3a304b9bc1f-5
Task Deleted : fc8aea26-f6f5-4c71-9748-b3a304b9bc1f-5_user

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\emle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\emle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{A594FB39-4ECE-FFF9-7B53-AD6E1B85E3BC}]
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [CrashMon]
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SmartWeb]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_br_208]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mbot_br_558]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61A0B400-4D5B-BEC1-3667-5A9EA66184F6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61A0B400-4D5B-BEC1-3667-5A9EA66184F6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61A0B400-4D5B-BEC1-3667-5A9EA66184F6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61A0B400-4D5B-BEC1-3667-5A9EA66184F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{61A0B400-4D5B-BEC1-3667-5A9EA66184F6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61A0B400-4D5B-BEC1-3667-5A9EA66184F6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\MyBestOffersToday
Key Deleted : HKCU\Software\Trymedia Systems
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\WajIEnhance
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\SmartWeb
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\iWebar
Key Deleted : HKLM\SOFTWARE\MyBestOffersToday
Key Deleted : HKLM\SOFTWARE\Object Browser
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Salus
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
Key Deleted : HKLM\SOFTWARE\Baidu
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\MagnoPlayer
Key Deleted : HKLM\SOFTWARE\QuickRef_1.10.0.8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iWebar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Salus
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MagnoPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickRef_1.10.0.8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\D21A333F-ABE7-F046-92B3-721ECDCF9E52
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_br_208_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mbot_br_558_is1
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searches.vi-view.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vi-view.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:64148;hxxps=127.0.0.1:64148
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17037

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v35.0.1 (x86 pt-BR)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [22222 bytes] - [14/02/2015 18:27:01]
AdwCleaner[S0].txt - [20473 bytes] - [14/02/2015 18:38:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20533 bytes] ##########

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executá-lo corretamente siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

Zoek.exe v5.0.0.0 Updated 13-February-2015
Tool run by emle on 14/02/2015 at 20:05:41,92.
Microsoft Windows 8.1 Single Language com o Bing 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\emle\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14/02/2015 20:06:47 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\mbot_br_577 deleted successfully
C:\PROGRA~3\AlawarWrapper deleted successfully
C:\Users\emle\AppData\Local\Adobe deleted successfully
C:\Users\emle\AppData\Local\MovieWizard deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-956575514-692205280-2611169239-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\JWgrlXOQbQ deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Browser Good deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Browser Good deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Browser Good deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\emle\AppData\Roaming\Mozilla\Firefox\Profiles\ubh3992b.default\prefs.js:
user_pref("browser.startup.homepage", "http://feed.snapdo.com/?p=mKO_AwFzXIpYRa4j3q-3hUPE4m9xhqQak5vNWtOnX_ZstroiJOILPRM2TOiJ66CIe4JQhTD6WNTmFamTfIjhqnej3JkkS1Do0nvifR9Ct79-_oMj4s6Kxi_ab_SZMStMo1RcflK9c2u1blTUVXnRVrU1XofNBBa_7-6VejWltRU,");
user_pref("browser.newtab.url", "http://feed.snapdo.com/?p=mKO_AwFzXIpYRa4j3q-3hUPE4m9xhqQak5vNWtOnX_ZstroiJOILPRM2TOiJ66CIe4JQhTD6WNTmFamTfIjhqnej3JkkS1Do0nvifR9Ct79-_oMj5CAlbeSbIv7ahKDsTDZBVKzHlT5_KbUCNHU_OQLxgobk68orrhcBLajJKXg,");
user_pref("browser.search.selectedEngine", "Web Search");
user_pref("keyword.URL", "http://feed.sonic-search.com/?p=mKO_AwFzXIpYRa4j3q-3hUPE4m9xhqQak5vNWtOnX_ZstroiJOILPRM2TOiJ66CIe4JQhTD6WNTmFamTfIjhqnej3JkkS1Do0nvifR9Ct79-_oMj7tSzlDMMOa2RPaCRK6SRPdt71t5cG49j4XoK4NGeo_xJiAF4VVFsc3lE7Tk,&q=");

Added to C:\Users\emle\AppData\Roaming\Mozilla\Firefox\Profiles\ubh3992b.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\emle\AppData\Roaming\Mozilla\Firefox\Profiles\ubh3992b.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_022015_2025_.backup

==== Batch Command(s) Run By Tool======================


Cat logo Winsock redefinido com ˆxito.
Reinicie o computador para concluir a redefini‡Æo.


==== Deleting Files \ Folders ======================

C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\PROGRA~3\DRV10.tmp deleted
C:\PROGRA~3\E1010.tmp deleted
C:\PROGRA~3\Datamngr deleted
C:\PROGRA~3\Baidu deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\emle\AppData\Local\nscCC25.tmp deleted
C:\Users\emle\AppData\Local\com deleted
C:\Users\emle\AppData\Local\Installer deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\ICSharpCode.net deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\ColorMediaOff.ini deleted
C:\Users\emle\AppData\LocalLow\ilividbandoomoviestoolbar deleted
C:\Windows\tasks\RLZF.job deleted
C:\windows\SysNative\tasks\RLZF deleted
C:\windows\SysNative\tasks\060184C3-9766-46a0-B258-F4518A0B2633 deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
C:\windows\SysNative\Tasks\SPBIW_UpdateTask_Time_3339303730373336312d4137345a376c453278345a41 deleted
C:\Windows\Tasks\SPBIW_UpdateTask_Time_3339303730373336312d4137345a376c453278345a41.job deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\SysWOW64\ColorMedia.ini deleted
C:\Windows\SysWOW64\ColorMediaOff.ini deleted
C:\Users\emle\AppData\Roaming\Mozilla\Firefox\Profiles\ubh3992b.default\searchplugins\Web Search.xml deleted
C:\Users\emle\AppData\Roaming\RLZF.exe deleted
"C:\Users\emle\AppData\Roaming\RLZF" deleted
"C:\windows\SysNative\ColorMedia64.dll" deleted
"C:\Windows\SysWOW64\ColorMedia.dll" deleted
"C:\PROGRA~3\laqdRDAZZsB\info.dat" not deleted
"C:\PROGRA~3\laqdRDAZZsB\JWgrlXOQbQ.dat" not deleted
"C:\PROGRA~3\laqdRDAZZsB\JWgrlXOQbQ.exe" deleted
"C:\PROGRA~3\laqdRDAZZsB\dat\IjNYNxcdFgI.dll" not deleted
"C:\PROGRA~3\laqdRDAZZsB\dat\kKvsROkqz.exe" not deleted
"C:\PROGRA~3\laqdRDAZZsB\dat\kKvsROkqz.exe.config" not deleted
"C:\PROGRA~3\laqdRDAZZsB\dat\OVAiIyxvG.dll" not deleted
"C:\PROGRA~3\laqdRDAZZsB\dat\raSuUTwiSss.exe" not deleted
"C:\PROGRA~3\laqdRDAZZsB\dat\raSuUTwiSss.exe.config" not deleted
"C:\PROGRA~3\laqdRDAZZsB" not deleted
"C:\PROGRA~3\laqdRDAZZsB\dat" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\emle\AppData\Roaming\Mozilla\Firefox\Profiles\ubh3992b.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRa4j3q-3hUPE4m9xhqQak5vNWtOnX_ZstroiJOILPRM2TOiJ66CIe4JQhTD6WNTmFamTfIjhqnej3JkkS1Do0nvifR9Ct79-_oMj4s6Kxi_ab_SZMStMo1RcflK9c2u1blTUVXnRVrU1XofNBBa_7-6VejWltRU,"
"Search Page"="http://feed.sonic-search.com/?p=mKO_AwFzXIpYRa4j3q-3hUPE4m9xhqQak5vNWtOnX_ZstroiJOILPRM2TOiJ66CIe4JQhTD6WNTmFamTfIjhqnej3JkkS1Do0nvifR9Ct79-_oMj7tSzlDMMOa2RPaCRK6SRPdt71t5cG49j4XoK4NGeo_xJiAF4VVFsc3lE7Tk,&q={searchTerms}"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://feed.sonic-search.com/?p=mKO_AwFzXIpYRa4j3q-3hUPE4m9xhqQak5vNWtOnX_ZstroiJOILPRM2TOiJ66CIe4JQhTD6WNTmFamTfIjhqnej3JkkS1Do0nvifR9Ct79-_oMj7tSzlDMMOa2RPaCRK6SRPdt71t5cG49j4XoK4NGeo_xJiAF4VVFsc3lE7Tk,&q={searchTerms}"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://feed.sonic-search.com/?p=mKO_AwFzXIpYRa4j3q-3hUPE4m9xhqQak5vNWtOnX_ZstroiJOILPRM2TOiJ66CIe4JQhTD6WNTmFamTfIjhqnej3JkkS1Do0nvifR9Ct79-_oMj7tSzlDMMOa2RPaCRK6SRPdt71t5cG49j4XoK4NGeo_xJiAF4VVFsc3lE7Tk,&q={searchTerms}"
"SearchAssistant"="http://feed.sonic-search.com/?p=mKO_AwFzXIpYRa4j3q-3hUPE4m9xhqQak5vNWtOnX_ZstroiJOILPRM2TOiJ66CIe4JQhTD6WNTmFamTfIjhqnej3JkkS1Do0nvifR9Ct79-_oMj7tSzlDMMOa2RPaCRK6SRPdt71t5cG49j4XoK4NGeo_xJiAF4VVFsc3lE7Tk,&q={searchTerms}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Fotor.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe EverimagingCo.Limited.Fotor
C:\Users\Public\Desktop\Manual do Usuário.lnk -
C:\Users\Public\Desktop\Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE /OEM
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Mundo Positivo.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.MundoPositivo
C:\Users\Public\Desktop\Positivo 3D Incrível.lnk -
C:\Users\Public\Desktop\Positivo Dicas.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoAjudante
C:\Users\Public\Desktop\Positivo Horóscopo.lnk -
C:\Users\Public\Desktop\Positivo Jogos.lnk - C:\Fabricante\Positivo Jogos Atalhos
C:\Users\Public\Desktop\Positivo Mulher.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoMulher
C:\Users\Public\Desktop\Positivo Músicas DJ.lnk -
C:\Users\Public\Desktop\Positivo Verde e Amarelo.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.PositivoVerdeeAmarelo
C:\Users\Public\Desktop\Promoção Vivo.lnk -
C:\Users\Public\Desktop\Skype.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe Microsoft.SkypeApp
C:\Users\Public\Desktop\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\Users\Public\Desktop\xbmc.lnk - C:\Program Files (x86)\XBMC\XBMC.exe

==== shortcuts in Users Start Menu ======================

C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist\DriverAssist Website.lnk - C:\Program Files\DriverAssist\DriverAssist.URL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist\DriverAssist.lnk - C:\Program Files\DriverAssist\DriverAssist.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist\Uninstall DriverAssist.lnk - C:\Program Files (x86)\DriverAssist\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Settings.lnk - Setting
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\SignIn with Facebook.lnk - Facebook
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\SignIn with Twitter.lnk - TWitter
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Wajam Website.lnk - Website
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Ask.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Google.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\IMDb.lnk - ghg
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Shopping.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\TripAdvisor.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Wikipedia.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Yahoo.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Amazon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Argos.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Ebay.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Etsy.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\HomeDepot.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Ikea.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Lowe's.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Mercadolivre.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\MyShopping.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Sears.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Target.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Tesco.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Walmart.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Zalando.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Uninstall Wajam\uninstall.lnk - C:\Program Files (x86)\WajNEnhance\uninstall.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\emle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\emle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\emle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\emle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\emle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WajNEnhance deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Lights Out deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\emle\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\emle\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\emle\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\emle\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\emle\AppData\Local\Mozilla\Firefox\Profiles\ubh3992b.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\emle\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=65 folders=27 28096040 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\emle\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\emle\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~3\laqdRDAZZsB\info.dat" not found
"C:\PROGRA~3\laqdRDAZZsB\JWgrlXOQbQ.dat" not found
"C:\PROGRA~3\laqdRDAZZsB\dat\IjNYNxcdFgI.dll" not found
"C:\PROGRA~3\laqdRDAZZsB\dat\kKvsROkqz.exe" not found
"C:\PROGRA~3\laqdRDAZZsB\dat\kKvsROkqz.exe.config" not found
"C:\PROGRA~3\laqdRDAZZsB\dat\OVAiIyxvG.dll" not found
"C:\PROGRA~3\laqdRDAZZsB\dat\raSuUTwiSss.exe" not found
"C:\PROGRA~3\laqdRDAZZsB\dat\raSuUTwiSss.exe.config" not found
"C:\windows\SysNative\ColorMedia64.dllsearch" deleted
"C:\Windows\SysWOW64\ColorMedia.dllsearch" not found
"C:\Users\emle\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\emle\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\emle\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\emle\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\emle\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\PROGRA~3\laqdRDAZZsB" not found

==== EOF on 14/02/2015 at 20:42:37,32 ======================

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPCleaner para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para executá-lo corretamente siga as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Após a utilização dele, copie todo o conteúdo do seu relatório ZHPCleaner.txt e poste em sua próxima resposta.

~ ZHPCleaner v2015.2.14.68 by Nicolas Coolman (14/02/2015)
~ Run by emle (Administrator) (14/02/2015 22:31:59)
~ Forum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Facebook : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\emle\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\emle\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 81, 64-bit (Build 9600)


---\\ Services (1)
SERVICE STOPPED : qrsvc_1.10.0.9 (PUP.QuickRef)


---\\ Browser internet (2)
DELETED data: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=64148 <-Loopback>] (Hijacker.Proxy)
DELETED data: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=64148 <-Loopback>] (Hijacker.Proxy)


---\\ Hosts file (0)
~ No malicious items found.


---\\ Scheduled automatic tasks. (0)
~ No malicious items found.


---\\ Explorer ( File, Folder) (72)
MOVED file: C:\Windows\system32\Drivers\webTinst.sys (PUP.CorsicaTechnologies)
MOVED file: C:\Program Files (x86)\Lights Out\41db03a1-006a-49ce-96ab-b86b7d539fe2-1-6.exe [SBG - Lights Out exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\Lights Out\41db03a1-006a-49ce-96ab-b86b7d539fe2-1-7.exe [SBG - Lights Out exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\Lights Out\41db03a1-006a-49ce-96ab-b86b7d539fe2-5.exe [SBG - Lights Out exe] (PUP.CrossRider)
MOVED file: C:\Program Files (x86)\QuickRef_1.10.0.9\terms-of-service.rtf (PUP.QuickRef)
MOVED file: C:\Program Files (x86)\QuickRef_1.10.0.9\Uninstall.exe [Quick Ref - Quick Ref Setup] (PUP.QuickRef)
MOVED file: C:\Program Files (x86)\WajNEnhance\uninstall.exe (PUP.Wajam)
MOVED folder*: C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses (PUP.QuickRef)
MOVED folder*: C:\Program Files (x86)\QuickRef_1.10.0.9\Service (PUP.QuickRef)
MOVED folder*: C:\Program Files (x86)\WajNEnhance\Logos (PUP.Wajam)
MOVED folder*: C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer (PUP.Wajam)
MOVED folder*: C:\Program Files (x86)\QuickRef_1.10.0.9 (PUP.QuickRef)
MOVED folder*: C:\Program Files (x86)\WajNEnhance (PUP.Wajam)
MOVED file: C:\Program Files\DriverAssist\10921937D4EFD88E0AD173E43CA67A6E (PUP.DriverAssist)
MOVED file: C:\Program Files\DriverAssist\configen.xml (PUP.DriverAssist)
MOVED file: C:\Program Files\DriverAssist\DriverAssist.exe [Copyright © 2014 - DriverAssist] (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\DriverAssist.exe.config (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\DriverAssist.URL (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\F6EC7A5B9A027E9E1C9686D0406BD2DB (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\icon.ico (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\SQLite.Interop.dll [Robert Simpson, et al. - System.Data.SQLite Interop Assembly] (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\System.Data.SQLite.dll [http://system.data.sqlite.org/ - System.Data.SQLite Core] (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\System.Data.SQLite.xml (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\ui.chm (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\uninst.bin [SafeBytes - DriverAssist] (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\uninst.exe (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\updaterui.chm (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\UpdaterUI.exe [Copyright © 2014 - UpdaterUI] (PUP.DriverAssist)
MOVED file**: C:\Program Files\DriverAssist\webicon.ico (PUP.DriverAssist)
MOVED folder*: C:\Program Files\DriverAssist\7z (PUP.DriverAssist)
MOVED folder*: C:\Program Files\DriverAssist\Backups (PUP.DriverAssist)
MOVED folder*: C:\Program Files\DriverAssist\DriverDownloads (PUP.DriverAssist)
MOVED folder*: C:\Program Files\DriverAssist\Extra (PUP.DriverAssist)
MOVED folder*: C:\Program Files\DriverAssist (PUP.DriverAssist)
MOVED file**: C:\ProgramData\Baidu Security\Duplicaterecord.js (Adware.BDPlugin)
MOVED file**: C:\ProgramData\cfb7e34302e345f9a579b07a7bc32829\6ed63a732e7a49a2b3ae188048391523 (PUP.CrossRider)
MOVED folder*: C:\ProgramData\Baidu\Antivirus (Adware.BDPlugin)
MOVED folder*: C:\ProgramData\Baidu (Adware.BDPlugin)
MOVED folder*: C:\ProgramData\Baidu Security (Adware.BDPlugin)
MOVED folder*: C:\ProgramData\cfb7e34302e345f9a579b07a7bc32829 (PUP.CrossRider)
MOVED file**: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist\DriverAssist Website.lnk (PUP.DriverAssist)
MOVED file**: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist\DriverAssist.lnk (PUP.DriverAssist)
MOVED file**: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist\Uninstall DriverAssist.lnk (PUP.DriverAssist)
MOVED file**: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Settings.lnk (PUP.Wajam)
MOVED file**: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\SignIn with Facebook.lnk (PUP.Wajam)
MOVED file**: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\SignIn with Twitter.lnk (PUP.Wajam)
MOVED file**: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Wajam Website.lnk (PUP.Wajam)
MOVED folder*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search (PUP.Wajam)
MOVED folder*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping (PUP.Wajam)
MOVED folder*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Uninstall Wajam (PUP.Wajam)
MOVED folder*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist (PUP.DriverAssist)
MOVED folder*: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance (PUP.Wajam)
MOVED file**: C:\Windows\Prefetch\AMT_MYSTARTSEARCH.EXE-9114DA59.pf (PUP.StartSearch)
MOVED file**: C:\Windows\Prefetch\ANYPROTECT.EXE-53752276.pf (PUP.AnyProtect)
MOVED file**: C:\Windows\Prefetch\DATAMNGRCOORDINATOR.EXE-4B7B5D93.pf (PUP.Datamngr)
MOVED file**: C:\Windows\Prefetch\DRIVERASSIST.EXE-ADF03696.pf (PUP.DriverAssist)
MOVED file**: C:\Windows\Prefetch\ILIVID.EXE-8EEE429E.pf (Adware.Bandoo)
MOVED file**: C:\Windows\Prefetch\ILIVIDMEDIABAR.EXE-7C37CCC9.pf (Adware.Bandoo)
MOVED file**: C:\Windows\Prefetch\ILIVIDSETUP-R2260-N-BI.EXE-095FCEF8.pf (Adware.Bandoo)
MOVED file**: C:\Windows\Prefetch\INS_SHOPPERPRO.EXE-704298E2.pf (PUP.ShopperPro)
MOVED file**: C:\Windows\Prefetch\MAGNOPLAYER.EXE-07D24629.pf (PUP.MagnoPlayer)
MOVED file**: C:\Windows\Prefetch\MYPC BACKUP.EXE-D2D9F9B9.pf (PUP.MyPCBackup)
MOVED file**: C:\Windows\Prefetch\SHOPPERPRO.EXE-538C1137.pf (PUP.ShopperPro)
MOVED file**: C:\Windows\Prefetch\SIGNUP WIZARD.EXE-9554BD21.pf (PUP.MyPCBackup)
MOVED file**: C:\Windows\Prefetch\SMARTWEBAPP.EXE-CA5224FB.pf (PUP.SmartWebSearch)
MOVED file**: C:\Windows\Prefetch\SMARTWEBHELPER.EXE-6DF1A4EE.pf (PUP.SmartWebSearch)
MOVED file**: C:\Windows\Prefetch\SNAPDO_LINKURY_SOFT_PARTNER.E-60840712.pf (PUP.Linkury)
MOVED file**: C:\Windows\Prefetch\SPEEDUPMYPC.EXE-7C35B7A1.pf (PUP.SpeedUpMyPC)
MOVED file**: C:\Windows\Prefetch\VOPACKAGE.EXE-524B79C0.pf (Adware.Downware)
MOVED file**: C:\Windows\Prefetch\VOPACKAGE.EXE-843FB447.pf (Adware.Downware)
MOVED file**: C:\Windows\Prefetch\WPM_V20.0.0.1714_0204.EXE-66D0AEC6.pf (PUP.WpManager)
MOVED file**: C:\Windows\Prefetch\YTDOWNLOADER.EXE-DC808E8B.pf (PUP.YTDownloader)


---\\ Registry ( Key, Value, Data) (37)
DELETED key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\juzimyho [C:\Users\emle\AppData\Roaming\VOPackage\nsi16DB.tmp] (Adware.Downware)
DELETED key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\qrsvc_1.10.0.9 ["C:\Program Files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe"] (PUP.QuickRef)
DELETED key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\serverjo [C:\Users\emle\AppData\Roaming\VOPackage\JOSrv.exe] (Adware.Downware)
DELETED key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\SPDRIVER_1361.0.0.0 [C:\Program Files (x86)\ShopperPro\JSDriver\1361.0.0.0\jsdrv.sys] (PUP.ShopperPro)
DELETED key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\webTinst [C:\Windows\system32\Drivers\webTinst.sys] (PUP.CorsicaTechnologies)
DELETED data: HKCR\htmlfile\Shell\Open\Command\\Default [Bad : "C:\Program Files\Internet Explorer\iexplore.exe" %1] (Broken.OpenCommand)
DELETED data: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\\Application [Bad : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (Hijacker.Association)
DELETED key: HKCU\Software\iWebar-nv-ie [] (PUP.CrossRider)
DELETED key: HKCU\Software\Object Browser-nv-ie [] (PUP.ObjectBrowser)
DELETED key: HKCU\Software\WajNEnhance [] (PUP.Wajam)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\inst.shoppingate.info [276254] (PUP.ShoppinGate)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\magnoplayer.com [] (PUP.MagnoPlayer)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\shoppingate.info [] (PUP.ShoppinGate)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inst.shoppingate.info [548848] (PUP.ShoppinGate)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info [] (PUP.ShoppinGate)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.boostsaves.com [195] (PUP.BoostSaves)
DELETED key: [X64] HKLM\SOFTWARE\Classes\Magnet [iLivid.torrent] (Adware.Bandoo)
DELETED key: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\MagnoPlayerUpdaterService [] (PUP.MagnoPlayer)
DELETED key: [X64] HKLM\SOFTWARE\DriverAssist [] (PUP.DriverAssist)
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Tracing\DriverAssist_RASAPI32 [] (PUP.DriverAssist)
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Tracing\DriverAssist_RASMANCS [] (PUP.DriverAssist)
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverAssist [SafeBytes] (PUP.DriverAssist)
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\${dtUserElevationPolicyID} [C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE] (PUP.Datamngr)
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\YTDownloader.exe [C:\Program Files (x86)\YTDownloader\YTDownloader.exe] (PUP.YTDownloader)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Datamngr [] (PUP.Datamngr)
DELETED key: HKLM\SOFTWARE\Wow6432Node\iWebar-nv-ie [] (PUP.CrossRider)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Object Browser-nv-ie [] (PUP.ObjectBrowser)
DELETED key: HKLM\SOFTWARE\Wow6432Node\QuickRef_1.10.0.9 [] (PUP.QuickRef)
DELETED key: HKLM\SOFTWARE\Wow6432Node\WajNEnhance [] (PUP.Wajam)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage [] (PUP.ASPackage)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MovieWizard [Small Island Development] (PUP.SmallIsland)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QuickRef_1.10.0.9 [Quick Ref] (PUP.QuickRef)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sally's Studio(TM) [Sally's Studio(TM) (remove only)] (PUP.QuickRef)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent [] (PUP.QuickRef)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\${dtUserElevationPolicyID} [C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE] (PUP.Datamngr)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71667A51-561B-4692-BB19-06EBFB08BF72} [C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE] (PUP.Datamngr)
DELETED key: HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} [C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE] (PUP.Datamngr)



---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Google Chrome)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 71015
~ Items found : 0
~ Items repaired : 111


End of clean at 22:52:31
===================
ZHPCleaner-[R]-14022015-22_52_31.txt

Faça o download do Malwarebytes em um destes links abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Data da Verificação: 14/02/2015
Hora da Verificação: 23:15:19
Arquivo de Log: log.mawa.txt
Administrador: Sim

Versão: 2.00.4.1028
Base de Dados de Malware: v2015.02.15.01
Base de Dados de Rootkit: v2015.02.03.01
Licença: Avaliação Gratuita
Proteção de Malware: Habilitado
Proteção de Site Malicioso: Habilitado
Auto-Proteção: Desabilitado

SO: Windows 8.1
Processador: x64
Sistema de Arquivos: NTFS
Usuário: emle

Tipo da Verificação: Verificação Personalizada
Resultado: Terminado
Objetos Verificados: 566046
Tempo Decorrido: 2 hr, 15 min, 40 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de Arquivos: Habilitado
Arquivos Compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 2
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.exe, 1296, Apagar ao Reiniciar, [457861bdfd8d57dfde256d26a95a857b]
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\FlashBeat.exe, 1876, Apagar ao Reiniciar, [caf31c0291f9c1750b45eea1966d47b9]

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de Registro: 34
PUP.Optional.QuickRef.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\qrnfd_1_10_0_9, Quarentena, [6a53f12d0b7f53e3545c87911ae807f9],
PUP.Optional.SearchApp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C0CAA5FE-7C9C-4DCA-A265-63CF55379D1A}, Quarentena, [635a6fafb9d130062e07aa9a37ccbe42],
PUP.Optional.SearchApp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C0CAA5FE-7C9C-4DCA-A265-63CF55379D1A}, Quarentena, [635a6fafb9d130062e07aa9a37ccbe42],
PUP.Optional.Salus.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mwiynzm4ndy1yjz, Quarentena, [407dab73ccbe270fa857583abf440ff1],
PUP.Optional.Flashbeat.A, HKLM\SOFTWARE\Flashbeat, Quarentena, [d9e4e43a2b5f1f1784cd0e804fb49f61],
PUP.Optional.MagnoPlayer.A, HKLM\SOFTWARE\CLASSES\APPLICATIONS\MagnoPlayer.exe, Quarentena, [6e4f3ee0e3a7b482e087dbb5be4534cc],
PUP.Optional.MagnoPlayer.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPLICATIONS\MagnoPlayer.exe, Quarentena, [f0cd46d8aedc7bbbd6910e82649f9d63],
PUP.Optional.Flashbeat.A, HKLM\SOFTWARE\WOW6432NODE\Flashbeat, Quarentena, [15a822fc7e0c1422aaa7107e689bd729],
PUP.Optional.LightsOut.A, HKLM\SOFTWARE\WOW6432NODE\Lights Out, Quarentena, [09b428f65d2d57dff329eae24db6d32d],
PUP.Optional.MagnoPlayer.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPLICATIONS\MagnoPlayer.exe, Quarentena, [a716b86692f885b16007dfb1966dd828],
PUP.Optional.FlashBeat.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FlashBeat, Quarentena, [caf31c0291f9c1750b45eea1966d47b9],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iWebar-nv-ie, Quarentena, [1ba25ac48802f83e56b8cdc356adcc34],
PUP.Optional.LightsOut.A, HKU\S-1-5-21-956575514-692205280-2611169239-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Lights Out, Quarentena, [13aafe20cdbd2f07ae6fe6e658ab817f],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B8D1E62C-5D04-4AB0-A09E-688FF75743EF}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B0071C9-831E-43DD-9EFE-722D8AEB9E2E}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5217E897-1728-4B11-BC9D-5405AD551BEF}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6073385E-A128-4464-9DFD-C7CF0F39A492}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{81E47395-D310-4064-B963-844C4088AB76}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{83E41C3D-190A-4052-A046-269722F3B4FD}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A62D52D9-1E41-4772-A794-71B9B92AA014}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D1C116A0-DC17-4257-9190-033AE10F90B9}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{ED5B55CA-994B-42B9-93B6-1FD306925967}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FB7F9DF6-2A66-444F-BA5D-2F221F1B1AC8}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B0071C9-831E-43DD-9EFE-722D8AEB9E2E}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5217E897-1728-4B11-BC9D-5405AD551BEF}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6073385E-A128-4464-9DFD-C7CF0F39A492}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{81E47395-D310-4064-B963-844C4088AB76}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{83E41C3D-190A-4052-A046-269722F3B4FD}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A62D52D9-1E41-4772-A794-71B9B92AA014}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D1C116A0-DC17-4257-9190-033AE10F90B9}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{ED5B55CA-994B-42B9-93B6-1FD306925967}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FB7F9DF6-2A66-444F-BA5D-2F221F1B1AC8}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B8D1E62C-5D04-4AB0-A09E-688FF75743EF}, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FlashBeat, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],

Valores de Registro: 1
PUP.Optional.Salus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mwyyntm1ndi1zdz, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.exe, Quarentena, [457861bdfd8d57dfde256d26a95a857b]

Dados de Registro: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bom: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Ruim: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Substituído,[407dd747088259dd3e20e1df7d8858a8]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bom: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Ruim: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Substituído,[813c64ba2664072fce90fcc4e81d53ad]

Pastas: 18
PUP.Optional.LightsOut.A, C:\Program Files (x86)\Lights Out, Quarentena, [d6e7c757157569cd3c2c0d80a85b21df],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz, Apagar ao Reiniciar, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz\SSL, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Umtayyznhndq1ntz, Quarentena, [3d80bc62a7e300361be36820bd4629d7],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\Service, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Uninstall Wajam, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat, Apagar ao Reiniciar, [b9044ed0c1c996a0c4fa6f1d5ba8df21],

Arquivos: 169
PUP.Optional.QuickRef.A, C:\Windows\System32\drivers\qrnfd_1_10_0_9.sys, Quarentena, [6a53f12d0b7f53e3545c87911ae807f9],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\utils.exe.vir, Quarentena, [b00d5cc20a806ec849fe3a1f2ed2c040],
PUP.Optional.MagnoPlayer.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagnoPlayer\FrameworkControl.exe.vir, Quarentena, [784525f9d1b9092d4f0f9acfa25e18e8],
PUP.Optional.MagnoPlayer.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagnoPlayer\MagnoPlayer.exe.vir, Quarentena, [d4e9db43830786b0e37bacbd09f77f81],
PUP.Optional.MagnoPlayer.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagnoPlayer\references\mgChecker.exe.vir, Quarentena, [2f8e06180c7e4ee8e57995d4e91704fc],
PUP.Optional.MyPCBackup.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MyPC Backup.exe.vir, Quarentena, [d4e937e7573338fe8f32ab4103fe1ce4],
PUP.Optional.MyPCBackup.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\Service Start.exe.vir, Quarentena, [605d19053d4dcd69a31e688461a01fe1],
PUP.Optional.ObjectBrowser.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-1-6.exe.vir, Quarentena, [239a16087d0dd66062298f84d929a45c],
PUP.Optional.ObjectBrowser.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-1-7.exe.vir, Quarentena, [1f9ec25cc6c4c86e602bf3208f73e719],
PUP.Optional.ObjectBrowser.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\384a2abd-84ad-4fbb-91bb-57738355afae-5.exe.vir, Quarentena, [cfee809e5e2c6cca5437e42f9f635da3],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\utils.exe.vir, Quarentena, [e8d541dd612938fe3116d782be42cb35],
PUP.Optional.QuickRef.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickRef_1.10.0.8\Uninstall.exe.vir, Quarentena, [aa13b46a94f6c1759c145abe42c03bc5],
PUP.Optional.QuickRef.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickRef_1.10.0.8\Service\qrsvc.exe.vir, Quarentena, [a5189589e3a7ab8b931dee2a6e945aa6],
PUP.Optional.XTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir, Quarentena, [2994a07ebdcdb77f0fcab951f30fe11f],
PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir, Quarentena, [3e7f9688365448eef8c867ce54acef11],
PUP.Optional.WindowsProtectManger.A, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, Quarentena, [0ab373ab3d4df145bd0a8adc718f3ec2],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\emle\AppData\Local\SmartWeb\SmartWebApp.exe.vir, Quarentena, [f1cc52cc8ffb290db60d2dcb857ca25e],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\emle\AppData\Local\SmartWeb\SmartWebHelper.exe.vir, Quarentena, [a31a819dd2b8fc3ad0f3698f837ebb45],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\emle\AppData\Local\SmartWeb\swhk.dll.vir, Quarentena, [fbc21c022367072ffbc8609868991ee2],
PUP.Optional.SmartWeb.A, C:\AdwCleaner\Quarantine\C\Users\emle\AppData\Local\SmartWeb\uninst.exe.vir, Quarentena, [6b5241dd761424127c47b444c73aed13],
PUP.Optional.QuickRef.A, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\qrnfd_1_10_0_8.sys.vir, Quarentena, [219ccc526624ef47dad6e92f40c240c0],
PUP.Optional.Goobzo, C:\Program Files\Common Files\ShopperPro\spbiu.exe, Quarentena, [ad10948adcae9e98d40ed5bea75e9f61],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Lights Out\utils.exe, Quarentena, [5766b965adddce68f8e4d672be4243bd],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\Service\qrsvc.exe, Quarentena, [08b55fbfa2e87fb7eac61701de240cf4],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\InternetEnhancer.exe, Quarentena, [48752df1503a0630bbf440d8946e4eb2],
PUP.Optional.Goobzo, C:\System Volume Information\SystemRestore\FRStaging\Program Files\Common Files\ShopperPro\spbiu.exe, Quarentena, [16a766b833576bcb3ea4b3e0e71e56aa],
PUP.Optional.Ilivid, C:\System Volume Information\SystemRestore\FRStaging\Users\emle\AppData\Local\iLivid\Uninstall.exe, Quarentena, [893433eb4545e84e9f5e9f51f110847c],
PUP.Optional.SoftPulse, C:\System Volume Information\SystemRestore\FRStaging\Users\emle\AppData\Local\Microsoft\Windows\INetCache\IE\G59O8MXY\Setup.exe, Quarentena, [7e3f9589474359dd421cee34837f40c0],
PUP.Optional.MagnoPlayer.A, C:\System Volume Information\SystemRestore\FRStaging\Users\emle\AppData\Local\Microsoft\Windows\INetCache\IE\YRMVBAC3\MagnoPlayerSetup[1].exe, Quarentena, [01bcd6486426b87e441a2148a45cdc24],
PUP.Optional.SoftPulse, C:\System Volume Information\SystemRestore\FRStaging\Users\emle\AppData\Local\Temp\exe.exe, Quarentena, [bc0153cb4842a29474ea6db5e919ce32],
PUP.Optional.BPlug, C:\System Volume Information\SystemRestore\FRStaging\Users\emle\AppData\Local\Temp\Browser Good\BrowserGood.mg.exe, Quarentena, [3e7fe836a5e58da902e3567b8b76bc44],
PUP.Optional.BrowserGood.A, C:\System Volume Information\SystemRestore\FRStaging\Users\emle\AppData\Local\Temp\Browser Good\BrowserGood_Setup.exe, Quarentena, [c2fb8b936a2091a5aa01f40d54ae48b8],
PUP.Optional.MagnoPlayer.A, C:\System Volume Information\SystemRestore\FRStaging\Users\emle\AppData\Local\Temp\c2410cd4-2652-466b-aa74-421f8354d6eb\magnoplayersetup.exe, Quarentena, [5b62d7473e4c71c572eced7c43bdd22e],
PUP.Optional.BPlug, C:\System Volume Information\SystemRestore\FRStaging\Users\emle\AppData\Local\Temp\is-PQDH1.tmp\browsergood_soft_partner.exe, Quarentena, [c6f739e55733f1454c99844d55accf31],
PUP.Optional.VeriStaff, C:\Users\emle\AppData\Local\Ap\MTResources\atem.exe, Quarentena, [6a5321fd1a709d99c8c02c31659b09f7],
PUP.Optional.ObjectBrowser.A, C:\zoek_backup\C_Users_emle_AppData_Roaming_RLZF.exe.vir, Quarentena, [685546d8434711251d6e24ef25dd01ff],
PUP.Optional.MovieWizard.A, C:\zoek_backup\C_PROGRA~3_laqdRDAZZsB\JWgrlXOQbQ.exe, Quarentena, [9e1f7da1fe8c1e18497de8c752af44bc],
PUP.Optional.ZombieInvasion.A, C:\zoek_backup\C_PROGRA~3_laqdRDAZZsB\dat\IjNYNxcdFgI.dll, Quarentena, [f6c741ddee9c76c0b8cfd3e07b8a0ff1],
PUP.Optional.MovieWizard.A, C:\zoek_backup\C_PROGRA~3_laqdRDAZZsB\dat\kKvsROkqz.exe, Quarentena, [b607829cc5c5ae886f57aa058d7437c9],
PUP.Optional.MovieWizard.A, C:\zoek_backup\C_PROGRA~3_laqdRDAZZsB\dat\raSuUTwiSss.exe, Quarentena, [9c2148d68a0071c54284911e649d2ed2],
PUP.Optional.LightsOut.A, C:\Program Files (x86)\Lights Out\bgNova.html, Quarentena, [d6e7c757157569cd3c2c0d80a85b21df],
PUP.Optional.LightsOut.A, C:\Program Files (x86)\Lights Out\Uninstall.exe, Quarentena, [d6e7c757157569cd3c2c0d80a85b21df],
PUP.Optional.Salus.A, C:\Windows\System32\drivers\mwiynzm4ndy1yjz.sys, Quarentena, [407dab73ccbe270fa857583abf440ff1],
PUP.Optional.CheckMeUp.A, C:\Windows\Tasks\CheckMeUp Update.job, Quarentena, [cdf0f529d0ba9c9acf995f3add2630d0],
PUP.Optional.CheckMeUp.A, C:\Windows\System32\Tasks\CheckMeUp Update, Quarentena, [dae3af6f553584b296d37227f21117e9],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.exe, Apagar ao Reiniciar, [457861bdfd8d57dfde256d26a95a857b],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\FlashBeat.exe, Apagar ao Reiniciar, [caf31c0291f9c1750b45eea1966d47b9],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbia.exe, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici32.dll, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici32.dll.2128895927, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici64.dll, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici64.dll.2128895927, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii32.exe, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii64.exe, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbiw.sys, Quarentena, [4d7044dac7c35adc75abcfa7887be020],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.log, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\settings.txt, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\uninstall.exe, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz\SSL\Salus CA-[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz\SSL\Salus CA-[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz\SSL\Salus CA.cer, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz\SSL\Salus CA.pvk, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz\SSL\test.cer, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz\SSL\test.pvk, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss\certutil.exe, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss\mozcrt19.dll, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss\nspr4.dll, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss\nss3.dll, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss\plc4.dll, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss\plds4.dll, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss\smime3.dll, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Smwyyntm1ndi1zdz\nss\softokn3.dll, Quarentena, [7845fb23cebc191d5da05632d3309b65],
PUP.Optional.Salus.A, C:\Program Files (x86)\Umtayyznhndq1ntz\mtuyntm5ndy1yjy.exe, Quarentena, [3d80bc62a7e300361be36820bd4629d7],
PUP.Optional.Salus.A, C:\Program Files (x86)\Umtayyznhndq1ntz\mtuyntm5ndy1yjy.log, Quarentena, [3d80bc62a7e300361be36820bd4629d7],
PUP.Optional.Salus.A, C:\Program Files (x86)\Umtayyznhndq1ntz\mwiyzdnlndk1yty.json, Quarentena, [3d80bc62a7e300361be36820bd4629d7],
PUP.Optional.Salus.A, C:\Program Files (x86)\Umtayyznhndq1ntz\mwmyzjmzngu1mdy.exe, Quarentena, [3d80bc62a7e300361be36820bd4629d7],
PUP.Optional.Salus.A, C:\Program Files (x86)\Umtayyznhndq1ntz\mwmyzjmzngu1mdy.log, Quarentena, [3d80bc62a7e300361be36820bd4629d7],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\buildcrx-license.txt, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\Info-ZIP-license.txt, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\JSON-simple-license.txt, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\nsJSON-license.txt, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\Nustache-license.txt, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\TaskScheduler-license.txt, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\UAC-license.txt, Quarentena, [caf34dd1afdb8aac94d9b1da9073758b],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\amazon.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\argos.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\ask.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\bestbuy.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\ebay.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\etsy.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\facebook.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\favicon.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\google.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\homedepot.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\ikea.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\imdb.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\lowes.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\mercado.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\mysearchweb.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\myshopping.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\searchresult.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\sears.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\setting.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\settings.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\shopping.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\target.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\tesco.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\tripadvisor.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\twitter.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\wajam.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\walmart.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\wiki.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\yahoo.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\Logos\zalando.ico, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\0bbe0f7fca7a091f277f63e2ef308126, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\ApiHandlr.dll, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\f85dad7eb09037f10d56e6a34a7e1534, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\FiddlerCore.dll, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\HtmlAgilityPack.dll, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\InternetEnhancerService.exe, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\makecert.exe, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\Newtonsoft.Json.dll, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\WHttpServer.exe, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\wie, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WajNEnhance\WajNEnhance Internet Enhancer\WJManifest, Quarentena, [318c978706847eb83e6a5933bb4808f8],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Ask.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Google.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\IMDb.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Shopping.com.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\TripAdvisor.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Wikipedia.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Search\Yahoo!.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Amazon.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Argos.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Ebay.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Etsy.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\HomeDepot.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Ikea.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Lowe's.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Mercadolivre.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\MyShopping.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Sears.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Target.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Tesco.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Walmart.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Explore Social Shopping\Zalando.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajNEnhance\Uninstall Wajam\uninstall.lnk, Quarentena, [67565cc2c9c19b9b397056366b980af6],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\ColorMedia.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\ColorMedia.exe, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\ColorMedia.tlb, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\ColorMedia64.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\ColorMediaCrt.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\freebl3.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\libnspr4.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\libplc4.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\libplds4.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\nss3.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\nssckbi.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\nssdbm3.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\nssutil3.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\RfndNSIS.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\RgsBTMedia.exe, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\RgsBTMedia.ini, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\RgsBTMedia64.exe, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\smime3.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\softokn3.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\sqlite3.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\ssl3.dll, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],
PUP.Optional.FlashBeat.A, C:\ProgramData\FlashBeat\uninstall.exe, Quarentena, [b9044ed0c1c996a0c4fa6f1d5ba8df21],

Setores Físicos: 0
(Nenhum item malicioso detectado)


(end)

Desative temporariamente seu antivirus para evitar conflitos.

Baixe o programa AT-Destroyer (...de InfoSpyware) e salve-o no Desktop (Área de Trabalho):
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no arquivo que você acabou de baixar do AT-Destroyer e selecione Executar como administrador

*Clique na opção [Buscar y Destruir]

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso seja necessário, o programa solicitará a reinicialização do PC

*Cole o relatório apresentado. Este relatório estará também em C:\AT-Destroyer.txt

nao concegui fazer o dowload do at destroyer

O que ocorreu? Desative temporariamente seu antivirus para que ele não bloqueie o download.

simplismente nao da opçao para dowload

Com seu antivirus temporariamente desativado, acesse aquele link que te passei > Clique no botão verde (Descargar) para fazer o download.

quando vou em descarregar somente direciona pra outra pagina e nao da opcao de dowload na maquina q estou temtando baixar nao uso antivirus

Acesse o link abaixo e clique em DOWNLOAD para baixá-lo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

######################## AT-Destroyer [2.1] By Infospyware.
Hora/Día/Mes/Año: 09:49:11 \\\ 15/02/2015
AT-Destroyer 2.1 By Infospyware ---> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Última actualización: 30/11/2012
Opción escogida: 2 :Buscar y Destruir
Versión Internet Explorer:9.11.9600.17631
Mozilla Firefox:35.0.1.5500
Privilegios: emle - Administrador
Modo Actual: Modo Normal.
Nombre del pc: EMILE
Información del sistema operativo:X64-WIN_8-
nombre del usuario:emle
Lenguaje del sistema: Portugués



>>>>>>> Servicios <<<<<<<



>>>>>> Carpetas <<<<<<



>>>>>> Archivos <<<<<<



>>>>>> Registro <<<<<<

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}


>>>>>> Heurística <<<<<<



>>>>>> Internet Explorer <<<<<<

Start Page==[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Local Page==C:\Windows\SysWOW64\blank.htm
Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


''HKCU\Software\Microsoft\Internet Explorer\Main''
Start Page==[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Local Page==C:\Windows\system32\blank.htm
Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


HKEY_USERS\S-1-5-21-956575514-692205280-2611169239-1001\Software\Microsoft\Internet Explorer\Main''
Start Page==[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Local Page==C:\Windows\system32\blank.htm
Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


>>>>>> Firefox <<<<<<

user_pref("browser.startup.homepage", "[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
user_pref("browser.startup.homepage_override.buildID", "20150122214805");
user_pref("browser.startup.homepage_override.mstone", "35.0.1");


>>>>>> Extensiones Firefox <<<<<<



>>>>>> Plugins Firefox <<<<<<

HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader


>>>>>> Extensiones Google Chrome <<<<<<


======== Listado ===========

C:\Users\emle\AppData\Roaming\Macromedia [D] 0 ( )
C:\Users\emle\AppData\Roaming\Microsoft [SD] 0 ( )
C:\Users\emle\AppData\Roaming\Mozilla [D] 0 ( )
C:\Users\emle\AppData\Roaming\Positivo [D] 0 ( )
C:\Users\emle\AppData\Roaming\XBMC [D] 0 ( )
C:\Users\emle\AppData\Roaming\ZHP [D] 0 ( )
C:\Program Files (x86)\Baidu Security [D] 0( 0)
C:\Program Files (x86)\Common Files [D] 0( 0)
C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
C:\Program Files (x86)\InstallShield Installation Information [HD] 0( 0)
C:\Program Files (x86)\Intel [D] 0( 0)
C:\Program Files (x86)\Internet Explorer [D] 0( 0)
C:\Program Files (x86)\Malwarebytes Anti-Malware [D] 0( 0)
C:\Program Files (x86)\Microsoft Office [D] 0( 0)
C:\Program Files (x86)\Microsoft SQL Server Compact Edition [D] 0( 0)
C:\Program Files (x86)\Microsoft.NET [D] 0( 0)
C:\Program Files (x86)\Mozilla Firefox [D] 0( 0)
C:\Program Files (x86)\Mozilla Maintenance Service [D] 0( 0)
C:\Program Files (x86)\OEM [D] 0( 0)
C:\Program Files (x86)\Positivo Games [D] 0( 0)
C:\Program Files (x86)\Realtek [D] 0( 0)
C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver [D] 0( 0)
C:\Program Files (x86)\Stpro [D] 0( 0)
C:\Program Files (x86)\Temp [HD] 0( 0)
C:\Program Files (x86)\VideoLAN [D] 0( 0)
C:\Program Files (x86)\Windows Defender [D] 0( 0)
C:\Program Files (x86)\Windows Live [D] 0( 0)
C:\Program Files (x86)\Windows Mail [D] 0( 0)
C:\Program Files (x86)\Windows Media Player [D] 0( 0)
C:\Program Files (x86)\Windows Multimedia Platform [D] 0( 0)
C:\Program Files (x86)\Windows NT [D] 0( 0)
C:\Program Files (x86)\Windows Photo Viewer [D] 0( 0)
C:\Program Files (x86)\Windows Portable Devices [D] 0( 0)
C:\Program Files (x86)\Windows Sidebar [HSD] 0( 0)
C:\Program Files (x86)\WindowsPowerShell [D] 0( 0)
C:\Program Files (x86)\XBMC [D] 0( 0)
C:\Program Files (x86)\Zylom Games [D] 0( 0)
C:\ProgramData\Application Data [HSDLI] 0 0
C:\ProgramData\Baidu [DI] 0 0
C:\ProgramData\Baidu Security [DI] 0 0
C:\ProgramData\cfb7e34302e345f9a579b07a7bc32829 [DI] 0 0
C:\ProgramData\Dados de Aplicativos [HSDLI] 0 0
C:\ProgramData\Desktop [HSDLI] 0 0
C:\ProgramData\Documentos [HSDLI] 0 0
C:\ProgramData\Documents [HSDLI] 0 0
C:\ProgramData\DP45977C.lfl [HAI] 0 bytes 0
C:\ProgramData\Intel [DI] 0 0
C:\ProgramData\Malwarebytes [DI] 0 0
C:\ProgramData\Menu Iniciar [HSDLI] 0 0
C:\ProgramData\Microsoft [SDI] 0 0
C:\ProgramData\Modelos [HSDLI] 0 0
C:\ProgramData\Mozilla [DI] 0 0
C:\ProgramData\ntuser.pol [RHSAI] 8 bytes 0
C:\ProgramData\Positivo Informática [D] 0 0
C:\ProgramData\regid.1991-06.com.microsoft [DI] 0 0
C:\ProgramData\SmartProtect [HD] 0 0
C:\ProgramData\Start Menu [HSDLI] 0 0
C:\ProgramData\Templates [HSDLI] 0 0
C:\ProgramData\Vivo [DI] 0 0

==================== EOF ==================

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Connected Single Language x64
Ran by emle on 15/02/2015 at 10:00:18,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\ProgramData\baidu security"
Failed to delete: [Folder] "C:\Program Files (x86)\baidu security"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/02/2015 at 10:09:36,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
_____________________________________________________________________________

Obs: Caso o relatório do ZHPDiag fique muito grande e não couber na sua resposta, acesse o site Cjoint:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Clique no botão Escolher arquivo > Selecione o arquivo do log (relatório) e clique no botão Abrir.

Clique no botão Créer le lien Cjoint

Copie o link que aparecerá ao lado da frase Le lien a été créé e poste este link em sua próxima resposta.

~ Relatório do ZHPDiag v2015.2.14.19 - Nicolas Coolman (14/02/2015)
~ Iniciado por emle (15/02/2015 10:24:43)
~ Facebook : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Endereço do Webforum : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17631 (Defaut)
MFIE: Mozilla Firefox 35.0.1

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1 Connected Single Language, 64-bit (Build 9600)

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.0.4.1028
Windows Defender W8 (Deactivate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Reader XI - Português

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 55 Stepping 8, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1937 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 254 GB (89%) free of 283 GB

---\\ Modo de conexão ao sistema
~ Computer Name: EMILE
~ User Name: emle
~ All Users Names: emle, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\emle\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\emle\AppData\Roaming\
~ %Desktop% : C:\Users\emle\Desktop\
~ %Favorites% : C:\Users\emle\Favorites\
~ %LocalAppData% : C:\Users\emle\AppData\Local\
~ %StartMenu% : C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 254 Go of 283 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 44 Scanned in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - (.Microsoft Corporation - Windows Explorer.) (.23/08/2014 - 04:48:28.) -- C:\Windows\Explorer.exe [2374784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.9DFE41A69DF70AAB75CB5BA8C1109EA2] - (.Microsoft Corporation - Internet Extensions para Win32.) (.11/01/2015 - 22:27:32.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:16:12.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:16:13.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/04/2014 - 23:23:11.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.414686EF104910BA41DF66E83BDCD495] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.18/03/2014 - 07:15:54.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/03/2014 - 05:19:14.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:16:16.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.30/04/2014 - 03:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.9AEB38B451A7B84ACB7CD3D664F87BF0] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.18/03/2014 - 07:15:53.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:32.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.06/03/2014 - 09:42:44.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/12
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/5
~ Mon Bureau (My Desktop) : 1/15
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.3172]
[MD5.0EAF2BC37FFCD53553440A46FCAEC4FC] - (.Positivo Informática - Posibar.) -- C:\Positivo\Deskmedia\Posibar\Posibar.exe [1292600] [PID.4472]
[MD5.B31A0F6424569523651FE5C3F6D2937D] - (.No owner - IPM.exe.) -- C:\Program Files (x86)\OEM\IPM 1.9.9\IPM.exe [1105920] [PID.1076]
[MD5.8DF7F2A9B72B7CA4294BB9E59FEAEFCD] - (.Microsoft Corporation - Host WWA Microsoft.) -- C:\Windows\syswow64\wwahost.exe [514560] [PID.3824]
[MD5.4A7118D76E02F0612905778A421C640F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8169984] [PID.1904]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\emle\AppData\Roaming\Mozilla\Firefox\Profiles\ubh3992b.default\prefs.js
M0 - MFSP: prefs.js [emle - ubh3992b.default] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Firefox Browser: 1 Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 21 Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (19)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
~ BHO: 1 Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Deskmedia] . (.Positivo Informática - Gerenciador Local.) -- C:\Positivo\Deskmedia\GerenciadorLocal.exe
O4 - HKLM\..\Run: [Posibar] . (.Positivo Informática - Posibar.) -- C:\Positivo\Deskmedia\Posibar\Posibar.exe
O4 - HKLM\..\Run: [StartUpManagerPositivo] . (.Positivo Informática SA - Gerenciador de Inicialização.) -- C:\Program Files\Positivo Informática\Mundo Positivo Gerenciador de Inicialização\ManagerWindows.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [SmartProtect] . (...) -- C:\ProgramData\SmartProtect\SmartProtect.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-21-956575514-692205280-2611169239-1001\..\Run: [SmartProtect] . (...) -- C:\ProgramData\SmartProtect\SmartProtect.exe
~ Application: Scanned in 00mn 00s



---\\ Icones das opções IE invisiveis no painel das configurações (05)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1275136D-C6ED-4393-B501-4E346A01E052}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A11AFC8A-B53A-49CD-90E4-15D842E2C862}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{1275136D-C6ED-4393-B501-4E346A01E052}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\..\{A11AFC8A-B53A-49CD-90E4-15D842E2C862}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{1275136D-C6ED-4393-B501-4E346A01E052}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A11AFC8A-B53A-49CD-90E4-15D842E2C862}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1275136D-C6ED-4393-B501-4E346A01E052}: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{A11AFC8A-B53A-49CD-90E4-15D842E2C862}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Users\emle\AppData\Local\Ap\MTResources\spdrmn.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: DeskmediaService (DeskmediaService) . (.Positivo Informática - Deskmedia Service.) - C:\Positivo\Deskmedia\DeskmediaService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Xbmc Control Path (psvxbmc) . (.No owner - psvxbmc.) - C:\Fabricante\psvxbmc.exe
O23 - Service: Stpro service (Stpro) . (.No owner - AutoStart.) - C:\Program Files (x86)\Stpro\Stpro.exe
O23 - Service: Remote Service (Updater) . (...) - C:\Users\emle\AppData\Local\Ap\Updater.exe
~ Services: 9 Scanned in 00mn 11s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.3756AF3DECE011FEDEAFC929B56CBCDF] [APT] [94A46359-5537-4201-BEFD-1EC63DFD0943] (.Baidu Inc..) -- C:\ProgramData\Baidu Security\PC_Faster_Setup_Mini_GL16.exe [1108512]
[MD5.00000000000000000000000000000000] [APT] [DriverAssist.Autostart] (...) -- C:\Program Files\DriverAssist\DriverAssist.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DriverAssist.Scanning] (...) -- C:\Program Files\DriverAssist\DriverAssist.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DriverAssist.ScanningFull] (...) -- C:\Program Files\DriverAssist\DriverAssist.exe (.not file.) [0]
[MD5.4DD9421E6E67B8878DF4DA91FDBD0209] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840]
[MD5.00000000000000000000000000000000] [APT] [XQPMJO] (...) -- C:\ProgramData\29d766ff52c04ce0a51e1dbf5224735d\29d766ff52c04ce0a51e1dbf5224735d.exe (.not file.) [0]
~ Scheduled Task: 7 Scanned in 00mn 09s



---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 34 Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Adobe Reader XI - Português - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1046-7B44-AB0000000001}
O42 - Logiciel: Bejeweled(R) 3 (remove only) - (...) [HKLM][64Bits] -- Bejeweled(R) 3
O42 - Logiciel: Big City Adventure(TM) - Vancouver (remove only) - (...) [HKLM][64Bits] -- Big City Adventure(TM) - Vancouver
O42 - Logiciel: Canal Positivo - (.Positivo Informática.) [HKLM][64Bits] -- Canal Positivo_is1
O42 - Logiciel: Chronicles of Albian - The Magic Convention (remove only) - (...) [HKLM][64Bits] -- Chronicles of Albian - The Magic Convention
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Delicious - Emily's Childhood Memories Premium Edition (remove only) - (...) [HKLM][64Bits] -- Delicious - Emily's Childhood Memories Premium Edition
O42 - Logiciel: Driver 1.3.8 - (.OEM.) [HKLM][64Bits] -- {BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}
O42 - Logiciel: Farmscapes(TM) Premium Edition (remove only) - (...) [HKLM][64Bits] -- Farmscapes(TM) Premium Edition
O42 - Logiciel: Haunted Past - Realm of Ghosts Deluxe (remove only) - (...) [HKLM][64Bits] -- Haunted Past - Realm of Ghosts Deluxe
O42 - Logiciel: IPM 1.9.9 - (.OEM.) [HKLM][64Bits] -- {AADF4228-0772-4D43-92EB-B245E3A17B00}
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {0B9D5D50-1530-496F-81FF-CB1B4A298FCA}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Sideband Fabric Device Driver - (.Intel Corporation.) [HKLM][64Bits] -- C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9
O42 - Logiciel: Intel(R) Trusted Execution Engine - (.Intel Corporation.) [HKLM][64Bits] -- {176E2755-0A17-42C6-88E2-192AB2131278}
O42 - Logiciel: Intel(R) Trusted Execution Engine - (.Intel Corporation.) [HKLM][64Bits] -- {2D6248C0-4693-4CAB-9922-F05E4015F62A}
O42 - Logiciel: Intel(R) Trusted Execution Engine Driver - (.Intel Corporation.) [HKLM][64Bits] -- {6307E820-0317-4DCE-AAE0-7B6CAD867055}
O42 - Logiciel: Luxor (remove only) - (...) [HKLM][64Bits] -- Luxor
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 pt-BR) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 35.0.1 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mundo Positivo Gerenciador de Inicialização - (.Positivo Informática S.A..) [HKLM][64Bits] -- {E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1
O42 - Logiciel: Mystery Legends - Beauty and the Beast (remove only) - (...) [HKLM][64Bits] -- Mystery Legends - Beauty and the Beast
O42 - Logiciel: Plantas vs Zumbis(TM) (remove only) - (...) [HKLM][64Bits] -- Plantas vs Zumbis(TM)
O42 - Logiciel: Positivo Games - (.Alawar Entertainment.) [HKLM][64Bits] -- Positivo Games
O42 - Logiciel: Promoção Vivo - (.Positivo Informática S.A..) [HKLM][64Bits] -- {674e54ef-d593-4d80-8be2-35d0d8192a23}}_is1
O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9DAABC60-A5EF-41FF-B2B9-17329590CD5}
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Software de dispositivo do Chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Zuma's Revenge!(TM) (remove only) - (...) [HKLM][64Bits] -- Zuma's Revenge!(TM)
~ Logic: 49 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\CheckMeUp]
[HKCU\Software\AppDataLow]
[HKCU\Software\Baidu Security]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Deskmedia]
[HKCU\Software\Intel]
[HKCU\Software\Lights Out-nv-ie]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Mine]
[HKCU\Software\Mozilla]
[HKCU\Software\Policies]
[HKCU\Software\Positivo]
[HKCU\Software\Pservice]
[HKCU\Software\QtProject]
[HKCU\Software\RLZF]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SoilAP]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\UpdateYTD] =>Adware.Boxore
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\Baidu Security]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Deskmedia]
[HKLM\Software\Dolby]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\Mozilla]
[HKLM\Software\Nahimic]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Positivo Informatica]
[HKLM\Software\Positivo]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SoilIO]
[HKLM\Software\SonicFocus]
[HKLM\Software\Synaptics]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Alawar]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CurrentControlSet]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lights Out-nv-ie]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RtWLan]
[HKLM\Software\Wow6432Node\Ssearch]
[HKLM\Software\Wow6432Node\Universal]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Zylom Games]
[HKLM\Software\Wow6432Node\baidu]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yamaha APO]
~ Key Software: 169 Scanned in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/08/2014 - 16:08:36 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 11/02/2015 - 19:11:28 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 29/08/2014 - 16:09:32 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 29/08/2014 - 15:54:21 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 29/08/2014 - 15:54:17 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 15/02/2015 - 10:11:30 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 14/02/2015 - 23:13:47 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 29/08/2014 - 16:12:33 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 29/08/2014 - 16:10:54 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 22/08/2013 - 13:36:30 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/02/2015 - 18:23:16 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/02/2015 - 18:23:08 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 29/08/2014 - 15:51:21 - [] ----D C:\Program Files (x86)\OEM
O43 - CFD: 29/08/2014 - 16:22:12 - [] ----D C:\Program Files (x86)\Positivo Games
O43 - CFD: 29/08/2014 - 15:50:16 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 29/08/2014 - 15:54:53 - [] ----D C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
O43 - CFD: 14/02/2015 - 15:44:49 - [] ----D C:\Program Files (x86)\Stpro
O43 - CFD: 29/08/2014 - 15:49:14 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 29/08/2014 - 16:24:34 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 18/03/2014 - 08:37:00 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 29/08/2014 - 16:10:49 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 18/03/2014 - 07:29:00 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/03/2014 - 08:37:00 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2014 - 08:37:00 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 13:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 18/03/2014 - 07:29:00 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 18/03/2014 - 08:37:00 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 22/08/2013 - 13:36:30 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 13:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 29/08/2014 - 16:25:01 - [] ----D C:\Program Files (x86)\XBMC
O43 - CFD: 15/02/2015 - 10:20:57 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 29/08/2014 - 16:21:51 - [] ----D C:\Program Files (x86)\Zylom Games
O43 - CFD: 29/08/2014 - 16:08:38 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 29/08/2014 - 15:47:54 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 29/08/2014 - 15:53:58 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 14/02/2015 - 21:10:55 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 22/08/2013 - 13:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 18/03/2014 - 07:29:00 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 29/08/2014 - 16:09:32 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 29/08/2014 - 16:08:37 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 22/08/2013 - 12:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 15/02/2015 - 10:13:09 - [] ----D C:\ProgramData\Baidu
O43 - CFD: 15/02/2015 - 10:14:05 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 14/02/2015 - 22:41:04 - [0] ----D C:\ProgramData\cfb7e34302e345f9a579b07a7bc32829
O43 - CFD: 29/08/2014 - 17:24:17 - [] -SH-D C:\ProgramData\Dados de Aplicativos
O43 - CFD: 22/08/2013 - 12:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 29/08/2014 - 17:24:17 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 22/08/2013 - 12:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 29/08/2014 - 15:51:28 - [] ----D C:\ProgramData\Intel
O43 - CFD: 14/02/2015 - 23:13:42 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 29/08/2014 - 17:24:17 - [] -SH-D C:\ProgramData\Menu Iniciar
O43 - CFD: 10/02/2015 - 19:15:35 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 29/08/2014 - 17:24:17 - [] -SH-D C:\ProgramData\Modelos
O43 - CFD: 14/02/2015 - 18:23:08 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 10/02/2015 - 19:17:00 - [] ----D C:\ProgramData\Positivo Informática
O43 - CFD: 29/08/2014 - 16:12:39 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 15/02/2015 - 09:53:41 - [] --H-D C:\ProgramData\SmartProtect
O43 - CFD: 22/08/2013 - 12:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 22/08/2013 - 12:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 29/08/2014 - 16:24:23 - [] ----D C:\ProgramData\Vivo
O43 - CFD: 22/08/2013 - 13:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 18/03/2014 - 07:44:42 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/03/2014 - 08:37:06 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/02/2015 - 22:41:06 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist
O43 - CFD: 29/08/2014 - 16:22:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 29/08/2014 - 15:51:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPM
O43 - CFD: 22/08/2013 - 13:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/02/2015 - 23:13:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 29/08/2014 - 16:24:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Positivo Informática
O43 - CFD: 29/08/2014 - 16:24:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Positivo Jogos
O43 - CFD: 11/02/2015 - 21:59:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 18/03/2014 - 08:37:06 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 18/03/2014 - 07:44:41 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 29/08/2014 - 16:24:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 15/02/2015 - 10:20:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 15/02/2015 - 09:56:51 - [] ----D C:\Users\emle\AppData\Roaming\Adobe
O43 - CFD: 15/02/2015 - 10:13:09 - [] ----D C:\Users\emle\AppData\Roaming\Baidu
O43 - CFD: 10/02/2015 - 19:32:05 - [] ----D C:\Users\emle\AppData\Roaming\Macromedia
O43 - CFD: 15/02/2015 - 09:56:51 - [] -S--D C:\Users\emle\AppData\Roaming\Microsoft
O43 - CFD: 14/02/2015 - 18:24:12 - [] ----D C:\Users\emle\AppData\Roaming\Mozilla
O43 - CFD: 10/02/2015 - 19:16:18 - [] ----D C:\Users\emle\AppData\Roaming\Positivo
O43 - CFD: 10/02/2015 - 19:30:46 - [] ----D C:\Users\emle\AppData\Roaming\XBMC
O43 - CFD: 15/02/2015 - 10:25:05 - [] ----D C:\Users\emle\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 15/02/2015 - 09:56:51 - [] ----D C:\Users\emle\AppData\Local\Adobe
O43 - CFD: 15/02/2015 - 09:53:14 - [] ----D C:\Users\emle\AppData\Local\Ap
O43 - CFD: 10/02/2015 - 19:14:48 - [] -SH-D C:\Users\emle\AppData\Local\Dados de Aplicativos
O43 - CFD: 14/02/2015 - 23:04:49 - [] ----D C:\Users\emle\AppData\Local\Diagnostics
O43 - CFD: 15/02/2015 - 08:55:31 - [] -SH-D C:\Users\emle\AppData\Local\EmieBrowserModeList
O43 - CFD: 10/02/2015 - 19:18:10 - [] -SH-D C:\Users\emle\AppData\Local\EmieSiteList
O43 - CFD: 10/02/2015 - 19:18:10 - [] -SH-D C:\Users\emle\AppData\Local\EmieUserList
O43 - CFD: 10/02/2015 - 19:18:03 - [] ----D C:\Users\emle\AppData\Local\Google
O43 - CFD: 10/02/2015 - 19:14:48 - [] -SH-D C:\Users\emle\AppData\Local\Histórico
O43 - CFD: 11/02/2015 - 18:53:11 - [] ----D C:\Users\emle\AppData\Local\Microsoft
O43 - CFD: 14/02/2015 - 18:24:13 - [] ----D C:\Users\emle\AppData\Local\Mozilla
O43 - CFD: 10/02/2015 - 19:17:16 - [] ----D C:\Users\emle\AppData\Local\Packages
O43 - CFD: 11/02/2015 - 18:54:33 - [] ----D C:\Users\emle\AppData\Local\Programs
O43 - CFD: 15/02/2015 - 10:23:18 - [] ----D C:\Users\emle\AppData\Local\Temp
O43 - CFD: 10/02/2015 - 19:14:48 - [] -SH-D C:\Users\emle\AppData\Local\Temporary Internet Files
O43 - CFD: 14/02/2015 - 17:51:50 - [] ----D C:\Users\emle\AppData\Local\VirtualStore
O43 - CFD: 18/03/2014 - 08:37:06 - [] R---D C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - 13:36:32 - [] R---D C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 15/02/2015 - 08:53:44 - [] R---D C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 22/08/2013 - 13:36:32 - [] ----D C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/02/2015 - 08:53:44 - [] R---D C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 18/03/2014 - 08:37:06 - [] R---D C:\Users\emle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 105 Scanned in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.E47A844AC4B2A85B1E4EAE78C6E40FD9] - 10/02/2015 - 18:14:52 ---A- . (...) -- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [180]
O44 - LFC:[MD5.FC273E6B811F678EA5518A27D57E0879] - 10/02/2015 - 18:24:24 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [298120]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 10/02/2015 - 18:24:42 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/02/2015 - 18:07:15 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_Kernel_webTinst_01009.Wdf [0] =>PUP.CorsicaTechnologies
O44 - LFC:[MD5.7AE57AEB6DF5F5AA7C6483C00A7EE969] - 11/02/2015 - 18:09:15 ---A- . (...) -- C:\logFile.txt [249888]
O44 - LFC:[MD5.FD3638782572A8281BCF12520F6579F4] - 13/02/2015 - 21:37:42 ---A- . (.Microsoft Corporation - This tool resets the Windows Store without.) -- C:\Windows\System32\WSReset.exe [79872]
O44 - LFC:[MD5.2C28079658CCA1E8C3810E185CCC2234] - 13/02/2015 - 21:37:42 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll [93696]
O44 - LFC:[MD5.1EC3AACDB335533A7470245C683ACF94] - 13/02/2015 - 21:37:42 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\Windows\System32\wups.dll [56320]
O44 - LFC:[MD5.4A12C727502A07C4B89B663B942DF289] - 13/02/2015 - 21:37:42 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe [54776]
O44 - LFC:[MD5.9FA466A42109F408AC6C2848E851C38A] - 13/02/2015 - 21:37:42 ---A- . (.Microsoft Corporation - twinapi.appcore.) -- C:\Windows\System32\twinapi.appcore.dll [555736]
O44 - LFC:[MD5.53BEF9A65EA686018B9EDF9665F5EBDE] - 13/02/2015 - 21:37:43 ---A- . (.Microsoft Corporation - API do Cliente do Windows Update.) -- C:\Windows\System32\wuapi.dll [827392]
O44 - LFC:[MD5.CCC6D7250D01DA7E5499B0722CF6CAE3] - 13/02/2015 - 21:37:43 ---A- . (.Microsoft Corporation - TWINUI.APPCORE.) -- C:\Windows\System32\twinui.appcore.dll [1054208]
O44 - LFC:[MD5.E66AC3CA92FC471BFE69F61549193A64] - 13/02/2015 - 21:37:44 ---A- . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [3463680]
O44 - LFC:[MD5.8BB7548307EE6147137993A410D64387] - 13/02/2015 - 21:38:28 ---A- . (.Microsoft Corporation - Microsoft® C Runtime Library.) -- C:\Windows\System32\msvcr120_clr0400.dll [869544]
O44 - LFC:[MD5.788C7D910267DDCD675DF4AB01961265] - 13/02/2015 - 21:45:57 ---A- . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll [259584]
O44 - LFC:[MD5.E87F8EC00FEEF700E61F6989D88A8BC2] - 13/02/2015 - 21:45:58 ---A- . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll [991232]
O44 - LFC:[MD5.A41B72F81B389786805CC4D5767B5FBC] - 13/02/2015 - 21:46:20 ---A- . (.Microsoft Corporation - Code Integrity Module (Test).) -- C:\Windows\System32\ci.dll [531616]
O44 - LFC:[MD5.8EBC741DDE9409038262E2F317ED7CCE] - 13/02/2015 - 21:46:20 ---A- . (.Microsoft Corporation - DLL do Relatório de Erros do Windows.) -- C:\Windows\System32\wer.dll [535640]
O44 - LFC:[MD5.2C354FA91EF605007FD11BB89EED2266] - 13/02/2015 - 21:46:20 ---A- . (.Microsoft Corporation - DLL do Relatório de Falha do Modo de Usuári.) -- C:\Windows\System32\Faultrep.dll [413248]
O44 - LFC:[MD5.41C501FD9D42F3F04A8532C73E09F356] - 13/02/2015 - 21:46:20 ---A- . (.Microsoft Corporation - Media Foundation Crash Dump Encryption DLL.) -- C:\Windows\System32\EncDump.dll [108944]
O44 - LFC:[MD5.9404704666256045F5BA9B290953B4D0] - 13/02/2015 - 21:46:20 ---A- . (.Microsoft Corporation - Relatório de Falhas do Windows.) -- C:\Windows\System32\WerFaultSecure.exe [38264]
O44 - LFC:[MD5.6DCD12586353DC6307AC781045CA13A4] - 13/02/2015 - 21:46:20 ---A- . (.Microsoft Corporation - Relatório de Problemas do Windows.) -- C:\Windows\System32\WerFault.exe [465320]
O44 - LFC:[MD5.D1E3B8D9130C70F6A3D4FDB52373FF34] - 13/02/2015 - 21:46:20 ---A- . (.Microsoft Corporation - WER Diagnostic Controller.) -- C:\Windows\System32\werdiagcontroller.dll [37888]
O44 - LFC:[MD5.0BCDEB035B9346D3C3C6C8BB1AA7F38C] - 13/02/2015 - 21:46:20 ---A- . (.Microsoft Corporation - Windows Problem Reporting.) -- C:\Windows\System32\wermgr.exe [139984]
O44 - LFC:[MD5.6F237EE5DDA34EAF3D9C79D4A283E250] - 13/02/2015 - 21:46:21 ---A- . (.Microsoft Corporation - Audio Engine.) -- C:\Windows\System32\AudioEng.dll [482872]
O44 - LFC:[MD5.E24D3259769A0218FE19BB306821C2E5] - 13/02/2015 - 21:46:21 ---A- . (.Microsoft Corporation - Audio Ks Endpoint.) -- C:\Windows\System32\AUDIOKSE.dll [394120]
O44 - LFC:[MD5.770BAA636F3B61DA7E414421444F84FD] - 13/02/2015 - 21:46:21 ---A- . (.Microsoft Corporation - Isolamento de Gráfico de Dispositivo de Áud.) -- C:\Windows\System32\audiodg.exe [272248]
O44 - LFC:[MD5.428F083690D7AAA012338FD5A0663EE3] - 13/02/2015 - 21:46:21 ---A- . (.Microsoft Corporation - Sessão de Áudio.) -- C:\Windows\System32\AudioSes.dll [500016]
O44 - LFC:[MD5.8779FDAE68BC948B0FE152E758CC8DA7] - 13/02/2015 - 21:46:22 ---A- . (.Microsoft Corporation - Construtor de Pontos de Extremidade de Áudi.) -- C:\Windows\System32\AudioEndpointBuilder.dll [229888]
O44 - LFC:[MD5.61EA45A645854FE81D8A924E2D93DFFE] - 13/02/2015 - 21:46:22 ---A- . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\audiosrv.dll [911360]
O44 - LFC:[MD5.E6905909E7334990033CFDAF56920004] - 13/02/2015 - 21:47:16 ---A- . (.Microsoft Corporation - Driver Win32 multiusuário.) -- C:\Windows\System32\win32k.sys [4175872]
O44 - LFC:[MD5.182561A14F2E93E81E66FE3700D17A5A] - 13/02/2015 - 21:47:23 ---A- . (.Microsoft Corporation - Family Safety Filter Driver.) -- C:\Windows\System32\Drivers\wpcfltr.sys [55328]
O44 - LFC:[MD5.52E94AE3C9FF1E18A1EA125C4FFB0EEC] - 13/02/2015 - 21:47:23 ---A- . (.Microsoft Corporation - Painel de Controle dos Controles dos Pais.) -- C:\Windows\System32\wpccpl.dll [2834944]
O44 - LFC:[MD5.F381B380B7B2704EA4C0F8D8C49C1C50] - 13/02/2015 - 21:47:27 ---A- . (.Microsoft Corporation - MDMAgent.) -- C:\Windows\System32\MDMAgent.exe [623616]
O44 - LFC:[MD5.E4A75F7BA48F4281405C782E3DB9F828] - 13/02/2015 - 21:47:44 ---A- . (.Microsoft Corporation - Executor de Fila de Operações Primitivas.) -- C:\Windows\System32\poqexec.exe [146432]
O44 - LFC:[MD5.78FC2B2BA0E5E1C9249E3157D4EE9BC7] - 13/02/2015 - 21:47:50 ---A- . (.Microsoft Corporation - Edição com o DirectShow..) -- C:\Windows\System32\qedit.dll [586240]
O44 - LFC:[MD5.FE11972797DED38CA55E88BD3579F6A2] - 13/02/2015 - 21:47:51 ---A- . (.Microsoft Corporation - Indicador de Status da Conectividade de Red.) -- C:\Windows\System32\ncsi.dll [360448]
O44 - LFC:[MD5.6319232C1CE39AC35316CF51910EEEB5] - 13/02/2015 - 21:47:51 ---A- . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll [86016]
O44 - LFC:[MD5.E94EB2A95D7D016E119C4D6868788831] - 13/02/2015 - 21:47:51 ---A- . (.Microsoft Corporation - Reconhecimento de Locais de Rede 2.) -- C:\Windows\System32\nlasvc.dll [391680]
O44 - LFC:[MD5.08DCA300264238F9AE941302321F3D54] - 13/02/2015 - 21:48:19 ---A- . (.Microsoft Corporation - Hardware Abstraction Layer DLL.) -- C:\Windows\System32\hal.dll [423768]
O44 - LFC:[MD5.D79920BE4E6683D3AB50F71457A4F6C6] - 13/02/2015 - 21:48:19 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys [27480]
O44 - LFC:[MD5.93435654DCA210298BA0F986EB51C679] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Driver de Hub Padrão para USB.) -- C:\Windows\System32\Drivers\usbhub.sys [419672]
O44 - LFC:[MD5.FE0ADF5028EB8C1339B66B3AEDE3FEF9] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Driver de Porta USB 1.1 e 2.0.) -- C:\Windows\System32\Drivers\usbport.sys [440664]
O44 - LFC:[MD5.48BA326A3DBA5B5BEB5F2777F4618696] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys [89944]
O44 - LFC:[MD5.313117AE2B0986ED7D3AA6AE10603239] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Microsoft Enhanced Cryptographic Provider.) -- C:\Windows\System32\rsaenh.dll [216368]
O44 - LFC:[MD5.42D257559F97B30A94A027EB4555C62F] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Provedor de Credenciais de Senha de Uso Úni.) -- C:\Windows\System32\DaOtpCredentialProvider.dll [323584]
O44 - LFC:[MD5.064260B3A5868AC894A4943543BC7AB7] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys [37376]
O44 - LFC:[MD5.1A54E3DF2CBB8DBE8A17C87BB07E3A7E] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Windows Driver Foundation - Biblioteca de P.) -- C:\Windows\System32\WUDFPlatform.dll [209408]
O44 - LFC:[MD5.B312E157D20E727F30EAB3A250441B6F] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Windows Driver Foundation - Processo de Hos.) -- C:\Windows\System32\WUDFHost.exe [284672]
O44 - LFC:[MD5.9CDC2059A23E3C9B57696178508777E7] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Windows Driver Foundation - Serviço de Estr.) -- C:\Windows\System32\WUDFSvc.dll [99840]
O44 - LFC:[MD5.D537815E450A149752C15868392AD1F3] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\Drivers\WUDFPf.sys [110592]
O44 - LFC:[MD5.7CCBBCEE408A5DBE3FE47297DB5A6CFC] - 13/02/2015 - 21:48:20 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\Drivers\WUDFRd.sys [227840]
O44 - LFC:[MD5.50A49F3F16EF82E30BFB11E6B6A8F4A6] - 13/02/2015 - 21:48:23 ---A- . (.Microsoft Corporation - Windows.UI.Xaml dll.) -- C:\Windows\System32\Windows.UI.Xaml.dll [16871936]
O44 - LFC:[MD5.3FA6DC6B29717E32E211C1FD821F2C75] - 13/02/2015 - 21:48:32 ---A- . (.Microsoft Corporation - Serviço de Cache de Fontes do Windows.) -- C:\Windows\System32\FntCache.dll [1345536]
O44 - LFC:[MD5.CC8E86B9C18BCA38D3C467CFD661A466] - 13/02/2015 - 21:48:32 ---A- . (.Microsoft Corporation - Serviços de Tipografia de DirectX da Micros.) -- C:\Windows\System32\DWrite.dll [1975296]
O44 - LFC:[MD5.BB7F878413AD3C2E7E89C96193D405DF] - 13/02/2015 - 21:48:33 ---A- . (.Microsoft Corporation - Driver Installation Module.) -- C:\Windows\System32\drvcfg.exe [57856]
O44 - LFC:[MD5.8E472AA2E916417B55BC1E6727957453] - 13/02/2015 - 21:48:33 ---A- . (.Microsoft Corporation - Módulo de Instalação de Driver.) -- C:\Windows\System32\drvinst.exe [110592]
O44 - LFC:[MD5.BC6849C62DB407573C6AD8CB1A4D2628] - 13/02/2015 - 21:48:33 ---A- . (.Microsoft Corporation - Serviço plug-and-play modo usuário.) -- C:\Windows\System32\umpnpmgr.dll [115200]
O44 - LFC:[MD5.9465F8E72887AC6CCDD97F738A5AB6B6] - 13/02/2015 - 21:49:11 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll [70656]
O44 - LFC:[MD5.F587513213947A4C7EF47B660DAAFBC5] - 13/02/2015 - 21:49:11 ---A- . (.Microsoft Corporation - Restauração do Sistema do Microsoft® Window.) -- C:\Windows\System32\rstrui.exe [271872]
O44 - LFC:[MD5.8596E6030C8DE66439DDF21C7F7B5006] - 13/02/2015 - 21:49:11 ---A- . (.Microsoft Corporation - Windows Search URI Handler.) -- C:\Windows\System32\Windows.Shell.Search.UriHandler.dll [40960]
O44 - LFC:[MD5.82FE5F302FD7C7EF0E41465BB873EFC7] - 13/02/2015 - 21:49:11 ---A- . (.Microsoft Corporation - Windows Wireless LAN 802.11 Client Side Hel.) -- C:\Windows\System32\wlanhlp.dll [11264]
O44 - LFC:[MD5.B24960B79BDE7D5ED1EA638027F9E8F0] - 13/02/2015 - 21:49:12 ---A- . (.Microsoft Corporation - BootMenuUX.) -- C:\Windows\System32\BootMenuUX.dll [143872]
O44 - LFC:[MD5.69A374DE46C7BAAE30BFB1E40D69C5C6] - 13/02/2015 - 21:49:12 ---A- . (.Microsoft Corporation - Painel de Controle de Pastas de Trabalho da.) -- C:\Windows\System32\WorkfoldersControl.dll [761856]
O44 - LFC:[MD5.78D26F162E015FF644785C8836B617CA] - 13/02/2015 - 21:49:12 ---A- . (.Microsoft Corporation - Storage Management Provider for Spaces.) -- C:\Windows\System32\mispace.dll [1287168]
O44 - LFC:[MD5.8E1866A4E96F1159B6625627860A0454] - 13/02/2015 - 21:49:12 ---A- . (.Microsoft Corporation - System Settings Admin Flow XAML UI Implemen.) -- C:\Windows\System32\SystemSettingsAdminFlowUI.dll [2100736]
O44 - LFC:[MD5.88BCAEABEB2A46DB7B336B8432720AC8] - 13/02/2015 - 21:49:12 ---A- . (.Microsoft Corporation - Windows Wireless LAN 802.11 MSM Security Mo.) -- C:\Windows\System32\wlansec.dll [443904]
O44 - LFC:[MD5.414B81DE6CE46022ED43051C09EDB00B] - 13/02/2015 - 21:49:14 ---A- . (.Microsoft Corporation - Biblioteca Principal de Restauração de Sist.) -- C:\Windows\System32\srcore.dll [467968]
O44 - LFC:[MD5.072A99F351C505A45C9FDA32E7324602] - 13/02/2015 - 21:49:14 ---A- . (.Microsoft Corporation - EXE do Pipeline Protegido do Media Foundati.) -- C:\Windows\System32\mfpmp.exe [28408]
O44 - LFC:[MD5.22B8B1F946ACFCB03832793A25216D8C] - 13/02/2015 - 21:49:14 ---A- . (.Microsoft Corporation - Extensão de Shell de Pastas de Trabalho da.) -- C:\Windows\System32\WorkFoldersShell.dll [186880]
O44 - LFC:[MD5.88ACBA95BB55B8226D52117462B76CD4] - 13/02/2015 - 21:49:14 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\System32\wintrust.dll [307304]
O44 - LFC:[MD5.64B2A2630C964BF135A84A52FB2EEF9A] - 13/02/2015 - 21:49:14 ---A- . (.Microsoft Corporation - Microsoft® Remote Desktop Services Cryptogr.) -- C:\Windows\System32\tlscsp.dll [47616]
O44 - LFC:[MD5.B6BD22DDEDDD8665080D664749ACFEF5] - 13/02/2015 - 21:49:14 ---A- . (.Microsoft Corporation - QEC de Gateway RD.) -- C:\Windows\System32\tsgqec.dll [64512]
O44 - LFC:[MD5.AE2B9504C975B529D92D9E6603F6D33F] - 13/02/2015 - 21:49:15 ---A- . (.Microsoft Corporation - DLL do Media Foundation.) -- C:\Windows\System32\mf.dll [609448]
O44 - LFC:[MD5.5EE916C3272A19B459717A8D2397B07A] - 13/02/2015 - 21:49:15 ---A- . (.Microsoft Corporation - Energy System Resource Usage Monitor (SRUM).) -- C:\Windows\System32\energyprov.dll [55296]
O44 - LFC:[MD5.99277BE68298288A0E27CF9E50FAD091] - 13/02/2015 - 21:49:15 ---A- . (.Microsoft Corporation - Media Foundation Platform DLL.) -- C:\Windows\System32\mfplat.dll [881616]
O44 - LFC:[MD5.7B3255A0B833908E4A7ACEA6245D344E] - 13/02/2015 - 21:49:16 ---A- . (.Microsoft Corporation - Biblioteca API de Clusters.) -- C:\Windows\System32\clusapi.dll [426496]
O44 - LFC:[MD5.6592D192E2823C043EDBC010E7774053] - 13/02/2015 - 21:49:16 ---A- . (.Microsoft Corporation - Gerenciador de Filtro do Filesystem Microso.) -- C:\Windows\System32\Drivers\fltMgr.sys [360792]
O44 - LFC:[MD5.4C1E71E37B56C768900B1FCF81205027] - 13/02/2015 - 21:49:16 ---A- . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\storport.sys [372568]
O44 - LFC:[MD5.2A4177EE5446877BD24DD72504105603] - 13/02/2015 - 21:49:16 ---A- . (.Microsoft Corporation - RPC HTTP DLL.) -- C:\Windows\System32\rpchttp.dll [191488]
O44 - LFC:[MD5.9654DE19551093CD73874281E1573C94] - 13/02/2015 - 21:49:16 ---A- . (.Microsoft Corporation - Serviço Central de Segurança do Windows.) -- C:\Windows\System32\wscsvc.dll [135168]
O44 - LFC:[MD5.E369C59F2C0852DDD090C07E0DDE0051] - 13/02/2015 - 21:49:16 ---A- . (.Microsoft Corporation - Serviço de cópias de sombra de volume da Mi.) -- C:\Windows\System32\VSSVC.exe [1436160]
O44 - LFC:[MD5.33977549C2CED09936E05BEE7659EAFF] - 13/02/2015 - 21:49:16 ---A- . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\Windows\System32\Drivers\spaceport.sys [384856]
O44 - LFC:[MD5.7B12172CCE581F76C9335D7A47E0AD50] - 13/02/2015 - 21:49:17 ---A- . (.Microsoft Corporation - API do Cliente da Política de Grupo.) -- C:\Windows\System32\gpapi.dll [130144]
O44 - LFC:[MD5.95471DDCB3B3FF70015FD9AA13404F44] - 13/02/2015 - 21:49:17 ---A- . (.Microsoft Corporation - DLL do Utilitário de Recursos de Cluster da.) -- C:\Windows\System32\resutils.dll [281600]
O44 - LFC:[MD5.D90AB68D0FAC9F357F663670FDBB511E] - 13/02/2015 - 21:49:17 ---A- . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\Drivers\msiscsi.sys [275800]
O44 - LFC:[MD5.850EBB87584484DC16F917E7B6F4A304] - 13/02/2015 - 21:49:17 ---A- . (.Microsoft Corporation - Provedor de software de serviço de cópias d.) -- C:\Windows\System32\swprv.dll [718336]
O44 - LFC:[MD5.315502228EB37F36E86EF75CB1DA1D44] - 13/02/2015 - 21:49:17 ---A- . (.Microsoft Corporation - Video Stabilization MFT.) -- C:\Windows\System32\MSVideoDSP.dll [201920]
O44 - LFC:[MD5.977D67467950D8048E94651EE6081B99] - 13/02/2015 - 21:49:17 ---A- . (.Microsoft Corporation - Windows Wireless LAN 802.11 MSM DLL.) -- C:\Windows\System32\wlanmsm.dll [370176]
O44 - LFC:[MD5.1517EE52367CABAA5615AC736DC96C7D] - 13/02/2015 - 21:49:18 ---A- . (.Microsoft Corporation - API do Gerenciador de Janelas da Área de Tr.) -- C:\Windows\System32\dwmapi.dll [125496]
O44 - LFC:[MD5.F152D55E497E12256290C43B31C7D0CE] - 13/02/2015 - 21:49:18 ---A- . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\System32\Drivers\fvevol.sys [589656]
O44 - LFC:[MD5.F2895547FC275642A29692DC344A847F] - 13/02/2015 - 21:49:18 ---A- . (.Microsoft Corporation - DLL de API do Cliente de Configuração Autom.) -- C:\Windows\System32\wlanapi.dll [296960]
O44 - LFC:[MD5.87CF824E47489DD972FB4FB9FC4EDD0A] - 13/02/2015 - 21:49:18 ---A- . (.Microsoft Corporation - DLL do Mecanismo de captura do Media Founda.) -- C:\Windows\System32\MFCaptureEngine.dll [324888]
O44 - LFC:[MD5.67176AA6EAF34FF2A962F14EB8F0478B] - 13/02/2015 - 21:49:18 ---A- . (.Microsoft Corporation - Fluxos administrativos de configurações do.) -- C:\Windows\System32\SystemSettingsAdminFlows.exe [263424]
O44 - LFC:[MD5.498288DD5CA42C2D36D125893E968C53] - 13/02/2015 - 21:49:18 ---A- . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\Drivers\hdaudbus.sys [77312]
O44 - LFC:[MD5.1697E09CDA4DD8741B8276F48A8514DE] - 13/02/2015 - 21:49:18 ---A- . (.Microsoft Corporation - Prelaunch OptIn.) -- C:\Windows\System32\ploptin.dll [32600]
O44 - LFC:[MD5.AF3FF97AC2A73E70F8A8D11FB694175B] - 13/02/2015 - 21:49:19 ---A- . (.Microsoft Corporation - Microsoft\Otimizador de Unidade.) -- C:\Windows\System32\defragsvc.dll [449536]
O44 - LFC:[MD5.BAF51BE2DEB387BD99CAC4E3B7850FEC] - 13/02/2015 - 21:49:19 ---A- . (.Microsoft Corporation - RDPSRAPI COM Objects.) -- C:\Windows\System32\rdpencom.dll [250368]
O44 - LFC:[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - 13/02/2015 - 21:49:20 ---A- . (.Microsoft Corporation - Driver de cópia de sombra de volume.) -- C:\Windows\System32\Drivers\volsnap.sys [310616]
O44 - LFC:[MD5.A1CD5194ACC156A852136B303F087260] - 13/02/2015 - 21:49:20 ---A- . (.Microsoft Corporation - Media Foundation Simple Video Renderer DLL.) -- C:\Windows\System32\mfsvr.dll [491744]
O44 - LFC:[MD5.0BDD786156C820F49EEF5D348B4ACFF4] - 13/02/2015 - 21:49:20 ---A- . (.Microsoft Corporation - Reproduzir em Servidor.) -- C:\Windows\System32\MDEServer.exe [335872]
O44 - LFC:[MD5.6873D09262D32B95D6AC3026FCF8B424] - 13/02/2015 - 21:49:20 ---A- . (.Microsoft Corporation - Windows Media Runtime DLL.) -- C:\Windows\System32\Windows.Media.dll [1230336]
O44 - LFC:[MD5.46378ECCB4A29AA81BF296641C2501EF] - 13/02/2015 - 21:49:21 ---A- . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [323072]
O44 - LFC:[MD5.CADCE0D6C30427F70A4BFA426256F68C] - 13/02/2015 - 21:49:21 ---A- . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\Drivers\Classpnp.sys [337240]
O44 - LFC:[MD5.7C7BE474915166B61B84C025F1F10157] - 13/02/2015 - 21:49:22 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\Drivers\afd.sys [563200]
O44 - LFC:[MD5.98A184F6EC43B178901FCD5D4E2EC43B] - 13/02/2015 - 21:49:22 ---A- . (.Microsoft Corporation - DLNA DLL.) -- C:\Windows\System32\Windows.Media.Streaming.dll [1222656]
O44 - LFC:[MD5.78514B073CC5775800A65BFB82A0D66B] - 13/02/2015 - 21:49:22 ---A- . (.Microsoft Corporation - Driver da Miniporta NativeWiFi.) -- C:\Windows\System32\Drivers\nwifi.sys [443904]
O44 - LFC:[MD5.716059F37BCCB1ABEDE99EBE82E8E362] - 13/02/2015 - 21:49:22 ---A- . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\Drivers\srvnet.

O44 - LFC:[MD5.626D19F1771E1AE72208AE9A8F3082F7] - 13/02/2015 - 21:49:22 ---A- . (.Microsoft Corporation - Serviço de Estrutura de Localização do Wind.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520]
O44 - LFC:[MD5.EEC46BC17F28C528AB7FAC20AFDF69E3] - 13/02/2015 - 21:49:22 ---A- . (.Microsoft Corporation - XPS to GDI Converter.) -- C:\Windows\System32\XpsGdiConverter.dll [462336]
O44 - LFC:[MD5.067CB90C277DB4A737D5DEABA3055972] - 13/02/2015 - 21:49:23 ---A- . (.Microsoft Corporation - Aplicativo de serviços e controle.) -- C:\Windows\System32\services.exe [407016]
O44 - LFC:[MD5.FD163F487CBA9C98AFFEB546C80F49A2] - 13/02/2015 - 21:49:23 ---A- . (.Microsoft Corporation - Driver de Servidor Smb 2.0.) -- C:\Windows\System32\Drivers\srv2.sys [677376]
O44 - LFC:[MD5.ED7C0A11E655CD8B89BE499F99D56098] - 13/02/2015 - 21:49:23 ---A- . (.Microsoft Corporation - Driver de spooler do Windows.) -- C:\Windows\System32\winspool.drv [486912]
O44 - LFC:[MD5.5071E71CC05346D88C5A08EB8B5A05E3] - 13/02/2015 - 21:49:23 ---A- . (.Microsoft Corporation - Serviço Pastas de Trabalho da Microsoft (C).) -- C:\Windows\System32\workfolderssvc.dll [1584128]
O44 - LFC:[MD5.9ED0E72966FB08F7E6DB15E5519AF8D1] - 13/02/2015 - 21:49:23 ---A- . (.Microsoft Corporation - WMPMDE DLL.) -- C:\Windows\System32\wmpmde.dll [1379064]
O44 - LFC:[MD5.411DBFCD6ABAB75B6F7950677AEEFB7D] - 13/02/2015 - 21:49:23 ---A- . (.Microsoft Corporation - WinMDE DLL.) -- C:\Windows\System32\winmde.dll [1403856]
O44 - LFC:[MD5.7FB9EC74ADFB2353B7782C3EF833F5B7] - 13/02/2015 - 21:49:25 ---A- . (.Microsoft Corporation - Media Foundation MPEG2 Source and Sink DLL.) -- C:\Windows\System32\mfmpeg2srcsnk.dll [765408]
O44 - LFC:[MD5.EF252510DB6C3511E30418BD2AC95A2D] - 13/02/2015 - 21:49:26 ---A- . (.Microsoft Corporation - DLL do Serviço de Configuração Automática d.) -- C:\Windows\System32\wlansvc.dll [1527296]
O44 - LFC:[MD5.383DA813409316D69603C1D849834D24] - 13/02/2015 - 21:49:29 ---A- . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [1308160]
O44 - LFC:[MD5.AEDD44FDB8B521D443A07146F5CA3A53] - 13/02/2015 - 21:49:42 ---A- . (.Microsoft Corporation - PDF WinRT APIs.) -- C:\Windows\System32\Windows.Data.Pdf.dll [7173120]
O44 - LFC:[MD5.A770340FC02B999EF0DE6C2A6BC8437C] - 13/02/2015 - 21:49:56 ---A- . (.Microsoft Corporation - Intel Power Engine Plugin.) -- C:\Windows\System32\Drivers\intelpep.sys [39744]
O44 - LFC:[MD5.24A8DFC07E4BAF29AEA26E383D4CC886] - 13/02/2015 - 21:49:56 ---A- . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\Windows\System32\Drivers\pdc.sys [86336]
O44 - LFC:[MD5.B02118A776C368F7EE1A8CC81378D265] - 13/02/2015 - 21:49:56 ---A- . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\Windows\System32\Drivers\dumpsd.sys [153920]
O44 - LFC:[MD5.7B7C482CF48E6EE33664340D1A78E6FE] - 13/02/2015 - 21:49:56 ---A- . (.Microsoft Corporation - SecureDigital Bus Driver.) -- C:\Windows\System32\Drivers\sdbus.sys [238912]
O44 - LFC:[MD5.84549E8C8BF76B293A7E625A98D4BCF9] - 13/02/2015 - 21:49:57 ---A- . (.Microsoft Corporation - Gerenciador de Objetos 2.) -- C:\Windows\System32\packager.dll [81408]
O44 - LFC:[MD5.5C42CEE3E2018E1DFC6E3E17240A432A] - 13/02/2015 - 21:49:57 ---A- . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\Drivers\mrxsmb20.sys [206848]
O44 - LFC:[MD5.B7CC32E00C5C5152D221DF182827F58E] - 13/02/2015 - 21:50:11 ---A- . (...) -- C:\Windows\System32\srms.dat [50745]
O44 - LFC:[MD5.71BAEAFD05B3040173F5BBEA2CFE9607] - 13/02/2015 - 21:50:11 ---A- . (.Microsoft Corporation - Mecanismo de Redefinição do Microsoft Windo.) -- C:\Windows\System32\reseteng.dll [997888]
O44 - LFC:[MD5.CFD6DBED27511D7A5FBE33AFA7E6B669] - 13/02/2015 - 21:50:12 ---A- . (.Microsoft Corporation - Bulk File Operations Host Process.) -- C:\Windows\System32\BulkOperationHost.exe [76800]
O44 - LFC:[MD5.35BF5C5F5E3C9902C98978C7640574DA] - 13/02/2015 - 21:50:12 ---A- . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\Windows\System32\Drivers\vwififlt.sys [71680]
O44 - LFC:[MD5.D3883FBCA97D10C8A39632D6CDDC6E85] - 13/02/2015 - 21:50:13 ---A- . (.Microsoft Corporation - Cliente DHCPv6.) -- C:\Windows\System32\dhcpcsvc6.dll [65024]
O44 - LFC:[MD5.D261A12A43D33122CB90E70D3BC1CC68] - 13/02/2015 - 21:50:13 ---A- . (.Microsoft Corporation - DLL do Serviço WebDAV.) -- C:\Windows\System32\WebClnt.dll [226816]
O44 - LFC:[MD5.2616E8E9C8B66A67CFB6197E9517A2F2] - 13/02/2015 - 21:50:13 ---A- . (.Microsoft Corporation - Microsoft Robocopy.) -- C:\Windows\System32\Robocopy.exe [123392]
O44 - LFC:[MD5.7E1EBDB3424337ABB553F249A7811D94] - 13/02/2015 - 21:50:13 ---A- . (.Microsoft Corporation - Serviço do Cliente DHCP.) -- C:\Windows\System32\dhcpcsvc.dll [87552]
O44 - LFC:[MD5.65ED7B9CFEA893DF7748D5FF692690DE] - 13/02/2015 - 21:50:13 ---A- . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) -- C:\Windows\System32\Drivers\vwifimp.sys [38912]
O44 - LFC:[MD5.FBB1841434072FFA76E4AD287448E34A] - 13/02/2015 - 21:50:14 ---A- . (.Microsoft Corporation - WMI SDK Provider Framework.) -- C:\Windows\System32\framedyn.dll [262656]
O44 - LFC:[MD5.6DEA7E51085C4CEC311DBD5A1AF8C759] - 13/02/2015 - 21:50:15 ---A- . (.Microsoft Corporation - Auxiliar Netsh da Plataforma de Filtragem d.) -- C:\Windows\System32\nshwfp.dll [717312]
O44 - LFC:[MD5.10AC9494ECE22A2362E4E4D98C528D01] - 13/02/2015 - 21:50:15 ---A- . (.Microsoft Corporation - Cliente DHCPv6.) -- C:\Windows\System32\dhcpcore6.dll [271872]
O44 - LFC:[MD5.1824052F17B12B5D7B21445B869EE9F2] - 13/02/2015 - 21:50:15 ---A- . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\ncobjapi.dll [71168]
O44 - LFC:[MD5.674A4702E4E144E8710ED1A2EC6DD049] - 13/02/2015 - 21:50:15 ---A- . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) -- C:\Windows\System32\Drivers\agilevpn.sys [96768]
O44 - LFC:[MD5.E07C80468D0C599BFF01D9D4EC7AEDC3] - 13/02/2015 - 21:50:15 ---A- . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [339456]
O44 - LFC:[MD5.BFBE1C5F57FE7A885673A1962D5532B7] - 13/02/2015 - 21:50:15 ---A- . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) -- C:\Windows\System32\Drivers\wfplwfs.sys [136024]
O44 - LFC:[MD5.6B374D279DC423FE69DB8DD1401E84FC] - 13/02/2015 - 21:50:16 ---A- . (.Microsoft Corporation - WMI SDK Provider Framework.) -- C:\Windows\System32\framedynos.dll [301056]
O44 - LFC:[MD5.5ABA673EF6433BE68AAE77AE5C5FAFAA] - 13/02/2015 - 21:50:17 ---A- . (.Microsoft Corporation - API de Modo de Usuário FWP/IPsec.) -- C:\Windows\System32\FWPUCLNT.DLL [412672]
O44 - LFC:[MD5.05DE04005CE0D84D0E6AD21CAEB369C6] - 13/02/2015 - 21:50:18 ---A- . (.Microsoft Corporation - Serviço do Cliente DHCP.) -- C:\Windows\System32\dhcpcore.dll [353280]
O44 - LFC:[MD5.EA432A85ABF371E14FB364D5F4405897] - 13/02/2015 - 21:50:18 ---A- . (.Microsoft Corporation - VPNIKE Protocol Engine - Test dll.) -- C:\Windows\System32\vpnike.dll [403968]
O44 - LFC:[MD5.98D0985521BF8F7086EA9C860898A1EE] - 13/02/2015 - 21:50:18 ---A- . (.Microsoft Corporation - Windows BitLocker Drive Encryption API.) -- C:\Windows\System32\fveapi.dll [721408]
O44 - LFC:[MD5.20FB137ADDE1255F15F265A7BD9579BE] - 13/02/2015 - 21:50:19 ---A- . (.Microsoft Corporation - Mecanismo de Filtragem Básica.) -- C:\Windows\System32\BFE.DLL [827392]
O44 - LFC:[MD5.0CD0356C5BBCFDC1B7BCEEDE74AB348B] - 13/02/2015 - 21:50:20 ---A- . (.Microsoft Corporation - Media Foundation Core DLL.) -- C:\Windows\System32\mfcore.dll [2140888]
O44 - LFC:[MD5.7A1A3F213CDB3363D179D5014272025D] - 13/02/2015 - 21:50:20 ---A- . (.Microsoft Corporation - Minirdr SMB do Windows NT.) -- C:\Windows\System32\Drivers\mrxsmb.sys [402432]
O44 - LFC:[MD5.C1E44A99F7CF8C3A08CD5ADDF451636C] - 13/02/2015 - 21:50:21 ---A- . (.Microsoft Corporation - Direct3D 9 Runtime.) -- C:\Windows\System32\d3d9.dll [2125344]
O44 - LFC:[MD5.DEA76F90F9777E3427D70E380222B23B] - 13/02/2015 - 21:50:21 ---A- . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\IKEEXT.DLL [1063424]
O44 - LFC:[MD5.93645AEBE163230A2ED5050C14AE6603] - 13/02/2015 - 21:50:33 ---A- . (.Microsoft Corporation - MSXML 3.0.) -- C:\Windows\System32\msxml3.dll [2149376]
O44 - LFC:[MD5.5D4A403DAE434FBA11779496EAFBDDE8] - 13/02/2015 - 21:50:45 ---A- . (.Microsoft Corporation - AD Harvest Sites and Subnets Service.) -- C:\Windows\System32\adhsvc.dll [75776]
O44 - LFC:[MD5.E0927EFA25D473367C3341B9F5969779] - 13/02/2015 - 21:50:45 ---A- . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\Windows\System32\Drivers\bridge.sys [115712]
O44 - LFC:[MD5.FD4EA8E9232ADD51DC31C295DDEF2768] - 13/02/2015 - 21:50:46 ---A- . (.Microsoft Corporation - Agente de Eventos do Sistema.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [287744]
O44 - LFC:[MD5.0DD29E5328436D51517316CD6D3BACCA] - 13/02/2015 - 21:50:46 ---A- . (.Microsoft Corporation - Provedor de Proxy PCSV para dispositivos.) -- C:\Windows\System32\pcsvDevice.dll [286208]
O44 - LFC:[MD5.36F977EDAE6CEE96CE6409B2B16765B4] - 13/02/2015 - 21:50:46 ---A- . (.Microsoft Corporation - Proximity Service Implementation.) -- C:\Windows\System32\ProximityService.dll [290816]
O44 - LFC:[MD5.73F269436228D5625E83A1EAF3549F58] - 13/02/2015 - 21:50:46 ---A- . (.Microsoft Corporation - Proxy Manager.) -- C:\Windows\System32\httpprxm.dll [118272]
O44 - LFC:[MD5.E325BCD68EC0CF2E2EDD0AB7CC17C698] - 13/02/2015 - 21:50:46 ---A- . (.Microsoft Corporation - Serviço de Infraestrutura de Tarefas de Seg.) -- C:\Windows\System32\bisrv.dll [267776]
O44 - LFC:[MD5.ABB028BAB78E7B4AFE374F8246F6CCB6] - 13/02/2015 - 21:50:47 ---A- . (.Microsoft Corporation - DLL da API LDAP Win32.) -- C:\Windows\System32\Wldap32.dll [359424]
O44 - LFC:[MD5.ACFEE9487693C2BD573DFCA71D98E17C] - 13/02/2015 - 21:50:47 ---A- . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [914432]
O44 - LFC:[MD5.37C1CBCB3F420C754E86E3EC313D436D] - 13/02/2015 - 21:50:49 ---A- . (.Microsoft Corporation - DLL cliente da API BASE do Windows NT.) -- C:\Windows\System32\KernelBase.dll [1112512]
O44 - LFC:[MD5.57CA779C19C2F224BE0C5EFC40F54B60] - 13/02/2015 - 21:50:49 ---A- . (.Microsoft Corporation - Microsoft OneDrive Sync Engine.) -- C:\Windows\System32\SyncEngine.dll [4758528]
O44 - LFC:[MD5.F58FBEA392B663B936E62939A877CA80] - 13/02/2015 - 21:50:49 ---A- . (.Microsoft Corporation - OneDrive Sync Engine.) -- C:\Windows\System32\SkyDrive.exe [1120768]
O44 - LFC:[MD5.66CBCDDEF429E5BA83C3288EEB0771A6] - 13/02/2015 - 21:50:49 ---A- . (.Microsoft Corporation - Telemetry Library for the OneDrive client.) -- C:\Windows\System32\SkyDriveTelemetry.dll [717824]
O44 - LFC:[MD5.0B1A9F6F9D2891C0F8783C0444D27DD0] - 13/02/2015 - 21:50:50 ---A- . (.Microsoft Corporation - Remote Desktop Services Client for Microsof.) -- C:\Windows\System32\rdvidcrl.dll [1057280]
O44 - LFC:[MD5.65392F3F3F65E4C6CC82A0F4F8A0B051] - 13/02/2015 - 21:50:53 ---A- . (.Microsoft Corporation - Driver de HUB USB3.) -- C:\Windows\System32\Drivers\USBHUB3.SYS [468288]
O44 - LFC:[MD5.7DDE896B21DA5E893559051F1AD69F2B] - 13/02/2015 - 21:50:54 ---A- . (.Microsoft Corporation - DLL de Tempo de Execução da Estrutura de Te.) -- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll [249344]
O44 - LFC:[MD5.3014CE5846A486C624E3E2CEB8C3290C] - 13/02/2015 - 21:50:54 ---A- . (.Microsoft Corporation - Extensão de Shell do Microsoft OneDrive.) -- C:\Windows\System32\SkyDriveShell.dll [286208]
O44 - LFC:[MD5.10CE7F7704E293F6CC6E0AF51DBFD95A] - 13/02/2015 - 21:50:55 ---A- . (.Microsoft Corporation - SearchFolder.) -- C:\Windows\System32\SearchFolder.dll [1106432]
O44 - LFC:[MD5.2ECA23663D13100032E09062C743C70D] - 13/02/2015 - 21:50:55 ---A- . (.Microsoft Corporation - Sistema de Propriedades Microsoft.) -- C:\Windows\System32\propsys.dll [1507648]
O44 - LFC:[MD5.8A522BBE4E06586C57E5D9DC50FB88B0] - 13/02/2015 - 21:50:56 ---A- . (.Microsoft Corporation - Cliente ActiveX dos Serviços de Área de Tra.) -- C:\Windows\System32\mstscax.dll [6649344]
O44 - LFC:[MD5.1676B06421492B439A9E60C55692A921] - 13/02/2015 - 21:50:56 ---A- . (.Microsoft Corporation - Windows.UI.Search.) -- C:\Windows\System32\Windows.UI.Search.dll [8757760]
O44 - LFC:[MD5.30293301B14D0D11D086B09831F5FE0D] - 13/02/2015 - 21:51:00 ---A- . (.Microsoft Corporation - WSShared DLL.) -- C:\Windows\System32\WSShared.dll [920064]
O44 - LFC:[MD5.10D8859CF01C1284603582ABD9B0482C] - 13/02/2015 - 21:51:04 ---A- . (.Microsoft Corporation - IU de consentimento para aplicativos admini.) -- C:\Windows\System32\consent.exe [114520]
O44 - LFC:[MD5.7667B9D81EA8FD6540E6CF72F92161A6] - 13/02/2015 - 21:51:04 ---A- . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [109568]
O44 - LFC:[MD5.5DAA60A74D178525DC6ACF53ABE343D6] - 13/02/2015 - 21:51:04 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [2779136]
O44 - LFC:[MD5.08914C8989AB93F5EC3A452D014E2C8D] - 13/02/2015 - 21:51:04 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [356352]
O44 - LFC:[MD5.A00B916CD6A67984257DC53052350219] - 13/02/2015 - 21:51:05 ---A- . (.Microsoft Corporation - Interface do Usuário da Autenticação do Win.) -- C:\Windows\System32\authui.dll [2646016]
O44 - LFC:[MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - 13/02/2015 - 21:51:06 ---A- . (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\explorer.exe [2374784]
O44 - LFC:[MD5.04AE20974DF91DC7B9075FC5A126B77C] - 13/02/2015 - 21:51:06 ---A- . (.Microsoft Corporation - Windows User Experience Session Initializat.) -- C:\Windows\System32\UXInit.dll [68096]
O44 - LFC:[MD5.00CD1254837739E310505EBCB19F7971] - 13/02/2015 - 21:51:08 ---A- . (.Microsoft Corporation - Gerenciador de Janelas da Área de Trabalho.) -- C:\Windows\System32\uDWM.dll [796672]
O44 - LFC:[MD5.CDC8A85EB301A8CBE55A81A1D55AF5E5] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\System32\IEAdvpack.dll [132096]
O44 - LFC:[MD5.4B9C652BD0FD95A9E6123913C35519D6] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - Autoextrator de arquivo de gabinete Win32.) -- C:\Windows\System32\wextract.exe [143872]
O44 - LFC:[MD5.A3871DED5ED88F59C0D1396761708F81] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - Host de Aplicativo HTML da Microsoft(R).) -- C:\Windows\System32\mshta.exe [13824]
O44 - LFC:[MD5.A7F53772ECAE2F44B455D14F71179940] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640]
O44 - LFC:[MD5.E99E2E88BFE584184AE92B1F8995CE93] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - Mapa de versão IOD.) -- C:\Windows\System32\iesetup.dll [66560]
O44 - LFC:[MD5.66585D645C4E23A0FD5124BD714AE020] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [12800]
O44 - LFC:[MD5.94C59DD02BC7EA0E421055B9946CA861] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.6A7F8D139610E5F3F158182778EF9275] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - Processamento de RunOnce estendido com inte.) -- C:\Windows\System32\iernonce.dll [34304]
O44 - LFC:[MD5.E77092C38028EB0A5C461B3436E0A6D5] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - Recursos do Serviço Coletor ETW do IE.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.CA2F3153EF3BCB0BD3A8984C933DF604] - 13/02/2015 - 21:52:19 ---A- . (.Microsoft Corporation - Wizard.) -- C:\Windows\System32\iexpress.exe [167424]
O44 - LFC:[MD5.F54E1190251EB245183BF16D6C315613] - 13/02/2015 - 21:52:20 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [237568]
O44 - LFC:[MD5.D66D11191B48007179B0A77DC0717267] - 13/02/2015 - 21:52:21 ---A- . (.Microsoft Corporation - DLL do Gerenciador de Licenças da Microsoft.) -- C:\Windows\System32\licmgr10.dll [33280]
O44 - LFC:[MD5.6096209CB47D61499C3608B9C25B073C] - 13/02/2015 - 21:52:21 ---A- . (.Microsoft Corporation - IE PNG plugin image decoder.) -- C:\Windows\System32\pngfilt.dll [64512]
O44 - LFC:[MD5.161BC2E883A8D8759A4DCF2A85AF9128] - 13/02/2015 - 21:52:21 ---A- . (.Microsoft Corporation - IE plugin image decoder support DLL.) -- C:\Windows\System32\imgutil.dll [51200]
O44 - LFC:[MD5.3721721151DB49457B0FD35E0C04594C] - 13/02/2015 - 21:52:22 ---A- . (.Microsoft Corporation - Classificação da Internet e DLL de gerencia.) -- C:\Windows\System32\msrating.dll [199680]
O44 - LFC:[MD5.47162151E35EA0B7152B7C841FA21FDB] - 13/02/2015 - 21:52:22 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [88064]
O44 - LFC:[MD5.8AE1AC97407CD82D8389390C21430579] - 13/02/2015 - 21:52:22 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [111616]
O44 - LFC:[MD5.85E97591864F3125C5B08FB44E0E8078] - 13/02/2015 - 21:52:22 ---A- . (.Microsoft Corporation - Sincronização em Segundo Plano para Feeds M.) -- C:\Windows\System32\msfeedsbs.dll [60416]
O44 - LFC:[MD5.1C3C54FA2D620DF3093F356A56EC5957] - 13/02/2015 - 21:52:22 ---A- . (.Microsoft Corporation - Utilitário de Instalação Autônoma do IE 7.0.) -- C:\Windows\System32\ieUnatt.exe [144384]
O44 - LFC:[MD5.F0A53129AE95A895EC8C4DC36E1797A2] - 13/02/2015 - 21:52:23 ---A- . (.Microsoft Corporation - Componente do Microsoft Office 2000.) -- C:\Windows\System32\hlink.dll [108544]
O44 - LFC:[MD5.284070B045F8B11B4A1FB32F72023038] - 13/02/2015 - 21:52:23 ---A- . (.Microsoft Corporation - Conversor de HTML da Microsoft.) -- C:\Windows\System32\html.iec [417280]
O44 - LFC:[MD5.A348DEFC16B6FBC88B7D61C3B861BCB1] - 13/02/2015 - 21:52:23 ---A- . (.Microsoft Corporation - Mecanismo de instalação.) -- C:\Windows\System32\inseng.dll [107520]
O44 - LFC:[MD5.62CFEE2A516C68540486EBF26F18ED4C] - 13/02/2015 - 21:52:23 ---A- . (.Microsoft Corporation - Objetos pares do Internet Explorer.) -- C:\Windows\System32\iepeers.dll [145408]
O44 - LFC:[MD5.00FB2FB8C27C834CF575BC415B80F995] - 13/02/2015 - 21:52:23 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\System32\tdc.ocx [87552]
O44 - LFC:[MD5.907B558B742B1E52E9E37E3CAAF6508E] - 13/02/2015 - 21:52:24 ---A- . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\System32\webcheck.dll [262144]
O44 - LFC:[MD5.587DEBB59F5F14C9610966FB14A33607] - 13/02/2015 - 21:52:26 ---A- . (.Microsoft Corporation - Mecanismo da Interface do Usuário do Intern.) -- C:\Windows\System32\ieui.dll [633856]
O44 - LFC:[MD5.505815B1967A504B077497D304239B4A] - 13/02/2015 - 21:52:26 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [816128]
O44 - LFC:[MD5.BF57C911895454A8874E9DFA5716C624] - 13/02/2015 - 21:52:27 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [584192]
O44 - LFC:[MD5.E40D3696BE4852956669C285038B37A6] - 13/02/2015 - 21:52:28 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [114688]
O44 - LFC:[MD5.F86097CFDE7624DA2DE246F5B4BE3704] - 13/02/2015 - 21:52:28 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [1032704]
O44 - LFC:[MD5.9DFE41A69DF70AAB75CB5BA8C1109EA2] - 13/02/2015 - 21:52:31 ---A- . (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\Windows\System32\wininet.dll [2358272]

O44 - LFC:[MD5.CD726C899BD9A398E8420564A957320B] - 13/02/2015 - 21:52:31 ---A- . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll [25056256]
O44 - LFC:[MD5.7A388AFC6885D22F4D988EE9B8D1291A] - 13/02/2015 - 21:52:32 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768]
O44 - LFC:[MD5.DE58DE2C6C8439B7174D6D3568AA4A80] - 13/02/2015 - 21:52:32 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [814080]
O44 - LFC:[MD5.F4B79B54D173FF0E6748F8C93E16CF4C] - 13/02/2015 - 21:52:32 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [6041088]
O44 - LFC:[MD5.A04F0C4A0B80C92F92E854E7157D6466] - 13/02/2015 - 21:52:33 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160]
O44 - LFC:[MD5.E0F76B5B904E4F448641B2B506496351] - 13/02/2015 - 21:52:33 ---A- . (.Microsoft Corporation - Navegador da Internet.) -- C:\Windows\System32\ieframe.dll [14401024]
O44 - LFC:[MD5.F79E5258AF040A8AD83C7C1273A071C3] - 13/02/2015 - 21:52:34 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [54784]
O44 - LFC:[MD5.A7A3775B0014B165D75A00A1F632E4B5] - 13/02/2015 - 21:52:36 ---A- . (.Microsoft Corporation - Executar utilitário de tempo do Internet Ex.) -- C:\Windows\System32\iertutil.dll [2885632]
O44 - LFC:[MD5.15842FB41A3BF2A2F5071518B38C957A] - 13/02/2015 - 21:52:37 ---A- . (.Microsoft Corporation - Painel de Controle da Internet.) -- C:\Windows\System32\inetcpl.cpl [2125824]
O44 - LFC:[MD5.76DB5845E168173BBA2D3CCC4B363E42] - 13/02/2015 - 21:52:40 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [801280]
O44 - LFC:[MD5.CB2528D522FF1F5A7BF9B27D2FB250FF] - 13/02/2015 - 21:52:41 ---A- . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll [1548288]
O44 - LFC:[MD5.49FABD0144A3BBD59D5DA1A0180DCE6E] - 13/02/2015 - 21:52:41 ---A- . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll [374272]
O44 - LFC:[MD5.DD8FD33C108F14681A410067AB21DDF3] - 13/02/2015 - 21:52:41 ---A- . (.Microsoft Corporation - Visualizador de controles de objetos.) -- C:\Windows\System32\occache.dll [152064]
O44 - LFC:[MD5.C9AB2198141844D3DF96B4552CE9D5AB] - 13/02/2015 - 21:52:44 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [77824]
O44 - LFC:[MD5.8076BB31004C1D763D5D4AEF9F0BDD4B] - 13/02/2015 - 21:52:44 ---A- . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe [718848]
O44 - LFC:[MD5.CF1488FCA487516DB09E797F3AC49E4A] - 13/02/2015 - 21:52:45 ---A- . (.Microsoft Corporation - ActiveX Interface Marshaling Library.) -- C:\Windows\System32\actxprxy.dll [2865152]
O44 - LFC:[MD5.29A888F3136B2643E22113B5422B46F9] - 13/02/2015 - 21:52:52 ---A- . (.Microsoft Corporation - Microsoft Remote Desktop Services Web Proxy.) -- C:\Windows\System32\TSWbPrxy.exe [87040]
O44 - LFC:[MD5.F0CB6DB513CAC393D04A0FCE0A59E1BF] - 13/02/2015 - 21:53:03 ---A- . (.Microsoft Corporation - Application Compatibility Cache.) -- C:\Windows\System32\Drivers\ahcache.sys [75776]
O44 - LFC:[MD5.B8B663BE41827211737F627473D6D192] - 13/02/2015 - 21:53:07 ---A- . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\Drivers\clfs.sys [377176]
O44 - LFC:[MD5.25EE65F2FA154EDED0E87354311FB1E2] - 13/02/2015 - 21:53:07 ---A- . (.Microsoft Corporation - Remote Access PPP EAP-TLS.) -- C:\Windows\System32\rastls.dll [590336]
O44 - LFC:[MD5.DB32958F0E704EFBF7F15161A569E39F] - 13/02/2015 - 21:53:07 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Drivers\mrxdav.sys [140800]
O44 - LFC:[MD5.D3AE5DB16EAF913860EC28654CE00E6B] - 13/02/2015 - 21:53:08 ---A- . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [1212928]
O44 - LFC:[MD5.9A108C0A3092110F4651B3AFB9CC7B3D] - 13/02/2015 - 21:53:18 ---A- . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\oleaut32.dll [789184]
O44 - LFC:[MD5.63274242700279852B5CFFE4E2E0C6D1] - 13/02/2015 - 21:53:25 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\Windows\System32\wow64cpu.dll [13312]
O44 - LFC:[MD5.7162FD845D142C542C0D041F3B3D525F] - 13/02/2015 - 21:53:25 ---A- . (.Microsoft Corporation - DLL de nível do NT.) -- C:\Windows\System32\ntdll.dll [1733440]
O44 - LFC:[MD5.BC9E947C4B1E166CE2237871CAA4BDC0] - 13/02/2015 - 21:53:25 ---A- . (.Microsoft Corporation - Emulação de 16 bits em NT64.) -- C:\Windows\System32\ntvdm64.dll [16896]
O44 - LFC:[MD5.57D55B8D3387C51758C785C425922C0E] - 13/02/2015 - 21:53:25 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [285184]
O44 - LFC:[MD5.3A620A263DA883515786E68BE3CE23AA] - 13/02/2015 - 21:53:26 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [7472960]
O44 - LFC:[MD5.3D2E3A5CFCE65310134C11A00D6D32D0] - 13/02/2015 - 21:53:26 ---A- . (.Microsoft Corporation - Provedor de Segurança TLS/SSL.) -- C:\Windows\System32\schannel.dll [430080]
O44 - LFC:[MD5.E9F333234A5641E2FEF2F5240BDD56B8] - 13/02/2015 - 21:53:37 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe [35328]
O44 - LFC:[MD5.736046C9AFD66BA29BA61ACD582E7A7B] - 13/02/2015 - 21:53:37 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll [137728]
O44 - LFC:[MD5.3DF281C1553A6124DEF875C19D46AC0D] - 13/02/2015 - 21:53:38 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\System32\storewuauth.dll [190976]
O44 - LFC:[MD5.4FB80968811FAD6E88ABFAA98E51305C] - 13/02/2015 - 21:53:38 ---A- . (.Microsoft Corporation - Experiência de Usuário Cliente do Windows U.) -- C:\Windows\System32\wucltux.dll [1705472]
O44 - LFC:[MD5.850FC6B2E385766B9972CDBE947989F6] - 13/02/2015 - 21:53:38 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\System32\WUSettingsProvider.dll [381440]
O44 - LFC:[MD5.68CB2B575F0C67BB14590D1471285287] - 13/02/2015 - 21:53:39 ---A- . (.Microsoft Corporation - DLL do Gerenciador de Processos em Segundo.) -- C:\Windows\System32\ubpm.dll [201728]
O44 - LFC:[MD5.6BC31FB4E24A962C98801D3687A984C0] - 13/02/2015 - 21:53:51 ---A- . (.Microsoft Corporation - Biblioteca de Sincronização via Web da Prot.) -- C:\Windows\System32\WpcWebSync.dll [2861056]
O44 - LFC:[MD5.E7DE316FEEFC79327CFAD8F527979CC0] - 13/02/2015 - 21:53:52 ---A- . (.Microsoft Corporation - Biblioteca de Configurações dos Controles d.) -- C:\Windows\System32\Wpc.dll [3118080]
O44 - LFC:[MD5.E2F4125BFAC99244088324A1841C0B83] - 13/02/2015 - 21:53:52 ---A- . (.Microsoft Corporation - Monitor de Proteção para a Família.) -- C:\Windows\System32\WpcMon.exe [3048880]
O44 - LFC:[MD5.87CEF71F9D5951C9379D2F956C07C37D] - 13/02/2015 - 21:53:58 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [1336624]
O44 - LFC:[MD5.14BEA911F78B44E47CBD18210E541A43] - 13/02/2015 - 21:54:01 ---A- . (.Microsoft Corporation - Canonical Display Driver.) -- C:\Windows\System32\cdd.dll [212992]
O44 - LFC:[MD5.454978FB3D24DE5C4199162D5F81FBEE] - 13/02/2015 - 21:54:02 ---A- . (.Microsoft Corporation - Biblioteca Principal de DWM da Microsoft.) -- C:\Windows\System32\dwmcore.dll [2133504]
O44 - LFC:[MD5.8E5C2B32EE4166A3084B133183A00F2A] - 13/02/2015 - 21:54:02 ---A- . (.Microsoft Corporation - Direct3D 11 Runtime.) -- C:\Windows\System32\d3d11.dll [2141912]
O44 - LFC:[MD5.59EAFAE3A34B4925990A2E679CA91C5B] - 13/02/2015 - 21:54:02 ---A- . (.Microsoft Corporation - DirectX Graphics Infrastructure.) -- C:\Windows\System32\dxgi.dll [517528]
O44 - LFC:[MD5.313DCE665B57000B18CB26C6B6A10DFE] - 13/02/2015 - 21:54:02 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [1557848]
O44 - LFC:[MD5.4030CB06B8D963A45CED9E60C9F2A11E] - 13/02/2015 - 21:54:02 ---A- . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\Drivers\dxgmms1.sys [379224]
O44 - LFC:[MD5.A8484FB640E044858BA19FB4F13DD4CE] - 13/02/2015 - 21:54:07 ---A- . (.Microsoft Corporation - DLL de eventos de auditoria de segurança.) -- C:\Windows\System32\msaudite.dll [154112]
O44 - LFC:[MD5.D7B23B3154508256C9F434EF9B65B91D] - 13/02/2015 - 21:54:07 ---A- . (.Microsoft Corporation - UMRDP Display Driver.) -- C:\Windows\System32\rdpudd.dll [131584]
O44 - LFC:[MD5.488CEA4F1B4D2446FFB7A94E3CB385FE] - 13/02/2015 - 21:54:08 ---A- . (.Microsoft Corporation - Cliente dos Serviços de Certificados do Act.) -- C:\Windows\System32\certcli.dll [445440]
O44 - LFC:[MD5.91E59FCB3B32DD84E5DCDA2EA1583807] - 13/02/2015 - 21:54:08 ---A- . (.Microsoft Corporation - DLL do Esquema de auditoria de segurança.) -- C:\Windows\System32\adtschema.dll [736768]
O44 - LFC:[MD5.9F08A6608F98B5407E7DDBCF306573EF] - 13/02/2015 - 21:54:08 ---A- . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) -- C:\Windows\System32\Drivers\rdpvideominiport.sys [27456]
O44 - LFC:[MD5.3D2D2EA099D98FE6B94C7D8C7992C08C] - 13/02/2015 - 21:54:08 ---A- . (.Microsoft Corporation - Microsoft RemoteFX VM Transport.) -- C:\Windows\System32\rfxvmt.dll [40448]
O44 - LFC:[MD5.949E590B76018E4523FC71CE510ED9ED] - 13/02/2015 - 21:54:09 ---A- . (.Microsoft Corporation - DLL do servidor LSA.) -- C:\Windows\System32\lsasrv.dll [1441792]
O44 - LFC:[MD5.4E1207CE16E615B0B7A70DC889F4500E] - 13/02/2015 - 21:54:09 ---A- . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\Drivers\cng.sys [563976]
O44 - LFC:[MD5.6D2EE96150E35B9EA49F2B481DE0369A] - 13/02/2015 - 21:54:09 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [177472]
O44 - LFC:[MD5.1D25CC0A9C480C5D56A5A6CF2B5DEB99] - 13/02/2015 - 21:54:09 ---A- . (.Microsoft Corporation - TS RDPCore DLL.) -- C:\Windows\System32\rdpcorets.dll [3547648]
O44 - LFC:[MD5.9EC0B4E613DB6002DEF0346208E433E7] - 13/02/2015 - 21:54:15 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [1762840]
O44 - LFC:[MD5.1BB9CC78C91536CBA7B04B61ED0F85C4] - 13/02/2015 - 21:54:16 ---A- . (.Microsoft Corporation - Tempo de Execução da Chamada de Procediment.) -- C:\Windows\System32\rpcrt4.dll [1273184]
O44 - LFC:[MD5.6DE50D5592C6EE18C87B0C2EEEDC1621] - 13/02/2015 - 21:55:22 ---A- . (.Microsoft Corporation - DPAPI Server.) -- C:\Windows\System32\dpapisrv.dll [185856]
O44 - LFC:[MD5.622928F5A8045F8122F10561D6C35ED0] - 13/02/2015 - 21:55:22 ---A- . (.Microsoft Corporation - Microsoft SChannel Provider.) -- C:\Windows\System32\ncryptsslp.dll [104336]
O44 - LFC:[MD5.F8A442ABBAB56529B625DB9D916EA46A] - 13/02/2015 - 21:55:27 ---A- . (.Microsoft Corporation - Mecanismo do editor de configuração de segu.) -- C:\Windows\System32\scesrv.dll [538624]
O44 - LFC:[MD5.19424364D8C03B990C4281BE53963FD0] - 13/02/2015 - 21:56:23 ---A- . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [225280]
O44 - LFC:[MD5.15750011454B89F4950D7E7E4A947EC1] - 13/02/2015 - 21:56:24 ---A- . (.Microsoft Corporation - Teclado Virtual para Acessibilidade.) -- C:\Windows\System32\osk.exe [834048]
O44 - LFC:[MD5.04D6FAB6BE09C83DF591D58E1FBADA59] - 14/02/2015 - 13:54:34 ---A- . (.Microsoft Corporation - WSMAN WMI Provider.) -- C:\Windows\System32\WsmWmiPl.dll [274944]
O44 - LFC:[MD5.6317C9DB4282CEAA3BAB131BC3839B2A] - 14/02/2015 - 13:54:35 ---A- . (.Microsoft Corporation - DLL da interface de usuário da folha de pro.) -- C:\Windows\System32\compstui.dll [308736]
O44 - LFC:[MD5.9C55CE9707B3CA29A6505BCDCC546390] - 14/02/2015 - 13:54:35 ---A- . (.Microsoft Corporation - Microsoft Fax API Support DLL.) -- C:\Windows\System32\FXSAPI.dll [275968]
O44 - LFC:[MD5.6C118AEDD15FDBEAECC0E85C64B5B86B] - 14/02/2015 - 13:54:36 ---A- . (.Microsoft Corporation - Microsoft Fax Server Extended COM Client In.) -- C:\Windows\System32\FXSCOMEX.dll [615424]
O44 - LFC:[MD5.8758F5DEBD2B950B2D56ED11F9E0B38F] - 14/02/2015 - 13:54:39 ---A- . (.Microsoft Corporation - NTFS Utility DLL.) -- C:\Windows\System32\untfs.dll [545792]
O44 - LFC:[MD5.A8732AFE4DB47114355ABB285ED776D2] - 14/02/2015 - 13:54:41 ---A- . (.Microsoft Corporation - puiapi DLL.) -- C:\Windows\System32\puiapi.dll [187392]
O44 - LFC:[MD5.118A11C89FAD244A2B85DA7EDC3E9683] - 14/02/2015 - 13:54:42 ---A- . (.Microsoft Corporation - DLL prnntfy.) -- C:\Windows\System32\prnntfy.dll [215552]
O44 - LFC:[MD5.66732C13628BDB1AB0D6FD46027327C2] - 14/02/2015 - 13:54:42 ---A- . (.Microsoft Corporation - Driver de Classe de Armazenamento em Massa.) -- C:\Windows\System32\Drivers\USBSTOR.SYS [148800]
O44 - LFC:[MD5.8CBF1E2761816CFD9D32F8B32531D0FB] - 14/02/2015 - 13:54:42 ---A- . (.Microsoft Corporation - Windows Services Instrumentation Module.) -- C:\Windows\System32\winbici.dll [118272]
O44 - LFC:[MD5.7F23E38C5B6448F91439E4066645191E] - 14/02/2015 - 13:54:43 ---A- . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\Drivers\FWPKCLNT.SYS [428864]
O44 - LFC:[MD5.12C0733F955E15C3C37DD24C9C7D796A] - 14/02/2015 - 13:54:45 ---A- . (.Microsoft Corporation - DLL do Provedor de Impressão DAF.) -- C:\Windows\System32\DafPrintProvider.dll [263680]
O44 - LFC:[MD5.5416C603B6C85CF0698E8A2A1D28BAA2] - 14/02/2015 - 13:54:46 ---A- . (.Microsoft Corporation - DLL de Objetos PrintUI.) -- C:\Windows\System32\puiobj.dll [448512]
O44 - LFC:[MD5.9CE162EB9057CF079736F4DD00FC0D6C] - 14/02/2015 - 13:54:46 ---A- . (.Microsoft Corporation - Serviço WSMan.) -- C:\Windows\System32\WsmSvc.dll [2480128]
O44 - LFC:[MD5.50E96089F9BE352621997143A56C8E76] - 14/02/2015 - 13:54:47 ---A- . (.Microsoft Corporation - Provedor de Impressão do Processo do Client.) -- C:\Windows\System32\win32spl.dll [822272]
O44 - LFC:[MD5.E3FCE2A6B3533D99A3B498504DF9CC47] - 14/02/2015 - 13:54:49 ---A- . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\Drivers\netio.sys [474432]
O44 - LFC:[MD5.CA729FCE295895515A09BD6FF7903DC8] - 14/02/2015 - 13:54:51 ---A- . (.Microsoft Corporation - DLL de Coletor e Fonte MPEG4 do Media Found.) -- C:\Windows\System32\mfmp4srcsnk.dll [836176]
O44 - LFC:[MD5.1D303CE5BCBD5B80BBA08321F28A3F86] - 14/02/2015 - 13:55:06 ---A- . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll [21197152]
O44 - LFC:[MD5.CCB3A2BB60FE5073F2DEA63FE83CF8FE] - 14/02/2015 - 13:55:07 ---A- . (.Microsoft Corporation - Driver TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys [2497344]
O44 - LFC:[MD5.C88B63FE96DB4BCED65DD442BC8E77F5] - 14/02/2015 - 13:55:13 ---A- . (.Microsoft Corporation - DLL do spooler local.) -- C:\Windows\System32\localspl.dll [1053184]
O44 - LFC:[MD5.1907823D5ACFD75D1D8C0D4318299726] - 14/02/2015 - 13:55:14 ---A- . (.Microsoft Corporation - System Settings Handlers Implementation.) -- C:\Windows\System32\SettingsHandlers.dll [2714112]
O44 - LFC:[MD5.C4306ADC38939CAC60EA38AAD9F170C0] - 14/02/2015 - 13:55:15 ---A- . (.Microsoft Corporation - TWINUI.) -- C:\Windows\System32\twinui.dll [13424128]
O44 - LFC:[MD5.A208498C5CD750A1743C1AC8162A810F] - 14/02/2015 - 13:55:23 ---A- . (.Microsoft Corporation - Media Foundation Media Engine DLL.) -- C:\Windows\System32\MFMediaEngine.dll [941568]
O44 - LFC:[MD5.67A254351F354D202767A3632188EE9D] - 14/02/2015 - 17:03:38 ---A- . (...) -- C:\Windows\win.ini [194]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 14/02/2015 - 19:05:22 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.5967A5E3455EAD60F998CD098A324159] - 14/02/2015 - 19:42:37 ---A- . (...) -- C:\zoek-results.log [21242]
O44 - LFC:[MD5.DB7815ACB2D8F7CB03807059969F13B6] - 14/02/2015 - 19:58:19 ---A- . (.Microsoft Corporation - Microsoft Windows MRM.) -- C:\Windows\System32\MrmCoreR.dll [1091072]
O44 - LFC:[MD5.A750229C96A406EE123F43916053F142] - 14/02/2015 - 19:58:21 ---A- . (.Microsoft Corporation - Microsoft SLR Error Reporting Helper.) -- C:\Windows\System32\mrt_map.dll [86688]
O44 - LFC:[MD5.D178F55D53B9A10FFBDC134C95517846] - 14/02/2015 - 19:58:21 ---A- . (.Microsoft Corporation - System Language Runtime.) -- C:\Windows\System32\mrt100.dll [28320]
O44 - LFC:[MD5.BA0ED854110D45E5D4A46BD250BAF4E0] - 14/02/2015 - 19:58:22 ---A- . (.Microsoft Corporation - Software Protection Platform Plugins.) -- C:\Windows\System32\sppobjs.dll [1487976]
O44 - LFC:[MD5.43647B730E82998201C61CA7FF7B524A] - 14/02/2015 - 19:58:32 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [391526]
O44 - LFC:[MD5.326715361A7D1C65983BFE920990E4EF] - 14/02/2015 - 19:58:32 ---A- . (.Microsoft Corporation - Instalador Autônomo do Windows Update.) -- C:\Windows\System32\wusa.exe [308224]
O44 - LFC:[MD5.3D748E5558FD9A9F03182CB2330698DC] - 14/02/2015 - 20:16:02 ---A- . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor.) -- C:\Windows\System32\termsrv.dll [1018880]
O44 - LFC:[MD5.400B56A4249178A36AD7800E4EC39288] - 14/02/2015 - 20:19:13 ---A- . (.Microsoft Corporation - Ferramentas de Remoção de Software Mal-Inte.) -- C:\Windows\System32\MRT.exe [116773704]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/02/2015 - 21:49:58 ---A- . (...) -- C:\essai.txt [0]
O44 - LFC:[MD5.CA43F8904E24BBE49982E4C0B29E6579] - 14/02/2015 - 22:13:43 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O44 - LFC:[MD5.478CC94C937D235CB0A96AB8F2359D81] - 14/02/2015 - 22:13:43 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O44 - LFC:[MD5.9D7BFFDB5FA62B600DF1FCB4919D9D79] - 14/02/2015 - 22:13:43 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216]
O44 - LFC:[MD5.94B295AA917063DEBBD377BC8C947CDE] - 15/02/2015 - 07:35:16 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [337992]
O44 - LFC:[MD5.1EB97859CAB65EDF0B0059DB2136559B] - 15/02/2015 - 08:09:11 ---A- . (.Baidu, Inc. - Baidu Antivirus BdSandboxDll.dll.) -- C:\Windows\System32\BdSandboxDll64.dll [418336]
O44 - LFC:[MD5.00A62C25A3482A971BD80575B1B21ED0] - 15/02/2015 - 08:50:36 ---A- . (...) -- C:\AT-Destroyer.txt [5652]
O44 - LFC:[MD5.AE7710A34F4364976446A03F529C22CA] - 15/02/2015 - 08:51:49 ---A- . (...) -- C:\Windows\PFRO.log [71214]
O44 - LFC:[MD5.9B863078D64E934484975B908CCEDA55] - 15/02/2015 - 08:52:05 ---A- . (...) -- C:\Windows\setupact.log [18550]
O44 - LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - 15/02/2015 - 08:53:01 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O44 - LFC:[MD5.342F3A65486B9E457AC85FD1B16CD61E] - 15/02/2015 - 08:53:58 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.630EC5FC78B48559CB6A626BD336D993] - 15/02/2015 - 09:04:14 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1707228]
O44 - LFC:[MD5.AC1C320D28792F893D42E79C82CBE6D6] - 15/02/2015 - 09:04:14 ---A- . (...) -- C:\Windows\System32\perfc009.dat [127812]
O44 - LFC:[MD5.B24D88ABC347C628648FF41140951930] - 15/02/2015 - 09:04:14 ---A- . (...) -- C:\Windows\System32\perfh009.dat [687180]
O44 - LFC:[MD5.FBA2826A689CC3524A3D6F162B4F9124] - 15/02/2015 - 09:04:14 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [150714]
O44 - LFC:[MD5.C2C24044C54B2A5995C9191A8D6BB244] - 15/02/2015 - 09:04:14 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [738078]
O44 - LFC:[MD5.2106FCD39AF7912D80717AC42593D5A0] - 15/02/2015 - 09:25:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1054386]
~ Files: 328 Scanned in 00mn 30s



---\\ Últimos arquivos criados no Windows Prefetcher (045)
O45 - LFCP:[MD5.2F5F8355C9D8C9EB29EFF05AC32FE8C3] - 11/02/2015 - 18:02:26 ---A- - C:\Windows\Prefetch\INS_IWEBAR.EXE-B20A1C82.pf =>PUP.CrossRider
O45 - LFCP:[MD5.248F3C5C81AEEC2D8B4D1AB2F8694710] - 14/02/2015 - 16:52:15 ---A- - C:\Windows\Prefetch\SOFTWAREUPDATER.EXE-F9554656.pf =>PUP.Eorezo
~ Prefetcher: 2 Scanned in 00mn 02s



---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
~ LSA: 3 Scanned in 00mn 00s



---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 19 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:22/08/2013 - 09:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896]
O58 - SDL:22/08/2013 - 09:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176]
O58 - SDL:22/08/2013 - 09:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200]
O58 - SDL:22/08/2013 - 09:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424]
O58 - SDL:22/08/2013 - 09:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952]
O58 - SDL:22/08/2013 - 09:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016]
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:22/08/2013 - 09:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296]
O58 - SDL:22/08/2013 - 09:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024]
O58 - SDL:22/08/2013 - 09:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352]
O58 - SDL:30/07/2013 - 15:47:35 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:25/07/2013 - 16:05:39 ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:09/08/2013 - 21:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248]
O58 - SDL:22/08/2013 - 09:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000]
O58 - SDL:07/03/2014 - 13:18:23 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [3729920]
O58 - SDL:07/03/2014 - 13:26:42 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [450520]
O58 - SDL:01/03/2014 - 17:32:31 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [38296]
O58 - SDL:01/03/2014 - 17:32:31 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [27032]
O58 - SDL:22/08/2013 - 09:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408]
O58 - SDL:22/08/2013 - 09:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536]
O58 - SDL:22/08/2013 - 09:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760]
O58 - SDL:22/08/2013 - 09:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784]
O58 - SDL:21/11/2014 - 05:14:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:21/11/2014 - 05:14:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O58 - SDL:15/02/2015 - 08:53:01 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O58 - SDL:10/10/2013 - 23:44:38 ---A- . (.Intel Corporation - MBI driver.) -- C:\Windows\System32\Drivers\MBI.sys [29464]
O58 - SDL:22/08/2013 - 09:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672]
O58 - SDL:22/08/2013 - 09:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840]
O58 - SDL:22/08/2013 - 09:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840]
O58 - SDL:21/11/2014 - 05:14:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216]
O58 - SDL:22/08/2013 - 09:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288]
O58 - SDL:09/09/2014 - 09:07:09 ---A- . (...) -- C:\Windows\System32\Drivers\pmxdrv.sys [31152]
O58 - SDL:21/06/2013 - 06:35:14 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt630x64.sys [816344]
O58 - SDL:11/03/2014 - 21:00:46 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3891800]
O58 - SDL:12/07/2013 - 11:42:52 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsBaStor.sys [309976]
O58 - SDL:18/10/2013 - 19:48:54 ---A- . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtwlane.sys [2946264]
O58 - SDL:22/08/2013 - 12:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:22/08/2013 - 09:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760]
O58 - SDL:14/08/2013 - 15:01:22 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [30448]
O58 - SDL:14/08/2013 - 15:01:22 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [34544]
O58 - SDL:19/08/2010 - 16:59:12 ---A- . (...) -- C:\Windows\System32\Drivers\SoilIO.sys [17912]
O58 - SDL:03/12/2009 - 10:03:50 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\soilkbc.sys [13816]
O58 - SDL:03/12/2009 - 10:04:16 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\System32\Drivers\SoilMC.sys [13304]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:14/08/2013 - 15:01:22 ---A- . (.Synaptics Incorporated - Synaptics Touchpad 64-bit Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [527600]
O58 - SDL:15/01/2014 - 14:21:46 ---A- . (.Intel Corporation - Intel(R) Trusted Execution Engine Interface.) -- C:\Windows\System32\Drivers\TXEIx64.sys [88592]
O58 - SDL:22/08/2013 - 09:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808]
O58 - SDL:22/08/2013 - 09:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800]
O58 - SDL:22/08/2013 - 09:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504]
~ Drivers: 51 Scanned in 00mn 03s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 10/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Microsoft\Windows\1046\StructuredQuerySchema.bin [386150]
O61 - LFC: 10/02/2015 - 10:26:08 ---A- . (...) -- C:\Users\emle\AppData\Local\Temp\nsk641E.tmp\InstallUtility.dll [1087520]
O61 - LFC: 10/02/2015 - 10:26:08 ---A- . (.Baidu, Inc..) -- C:\Users\emle\AppData\Local\Temp\nsk641E.tmp\log.dll [96256]
O61 - LFC: 10/02/2015 - 10:26:08 ---A- . (.Baidu, Inc..) -- C:\Users\emle\AppData\Local\Temp\~nsu.tmp\Au_.exe [1094680]
O61 - LFC: 10/02/2015 - 10:26:08 ---A- . (.www.baidu.com.) -- C:\Users\emle\AppData\Local\Temp\nsk641E.tmp\nsSkinEngineW.dll [604192]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\bibi.dll [386560]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\btmn.dll [120320]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\fish.exe [11264]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\mozin.dll [281600]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\spdrmn.dll [138752]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\sprmn.dll [417280]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\wdrwmn.exe [10752]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\wnrt.dll [5632]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\MTResources\wrnet.dll [515072]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\Uninstaller.exe [276524]
O61 - LFC: 11/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Ap\mtp.dll [249344]
O61 - LFC: 14/02/2015 - 10:26:09 ---A- . (...) -- C:\Users\emle\AppData\Roaming\ZHP\ZHPCleaner.exe [1681920] =>.Nicolas Coolman
O61 - LFC: 14/02/2015 - 10:26:09 ---A- . (...) -- C:\Users\emle\Desktop\AdwCleaner.exe [2112512]
O61 - LFC: 14/02/2015 - 10:26:09 ---A- . (...) -- C:\Users\emle\Desktop\ZHPCleaner.exe [1681920] =>.Nicolas Coolman
O61 - LFC: 14/02/2015 - 10:26:09 ---A- . (...) -- C:\Users\emle\Desktop\zoek.exe [1304576]
O61 - LFC: 14/02/2015 - 10:26:09 ---A- . (...) -- C:\Users\emle\Downloads\Firefox Setup Stub 35.0.1.exe [243720]
O61 - LFC: 15/02/2015 - 10:26:03 ---A- . (...) -- C:\Users\emle\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0]
O61 - LFC: 15/02/2015 - 10:26:04 ---A- . (...) -- C:\Users\emle\AppData\Local\Microsoft\Windows\INetCache\IE\FORSG5GG\urlblocklist[1].bin [0]
O61 - LFC: 15/02/2015 - 10:26:04 ---A- . (...) -- C:\Users\emle\AppData\Local\Microsoft\Windows\INetCache\IE\IAYWRTNW\urlblockindex[1].bin [16]
O61 - LFC: 15/02/2015 - 10:26:08 ---A- . (...) -- C:\Users\emle\AppData\Local\Temp\nsh697D.tmp\System.dll [11264]
O61 - LFC: 15/02/2015 - 10:26:08 ---A- . (...) -- C:\Users\emle\AppData\Local\Temp\nsk641E.tmp\System.dll [11264]
O61 - LFC: 15/02/2015 - 10:26:09 ---A- . (.Nicolas Coolman.) -- C:\Users\emle\Desktop\ZHPDiag2.exe [6875322] =>.Nicolas Coolman
~ 146 Fichiers temporaires (Temporary files)
~ Files: 27 Scanned in 00mn 05s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [208896]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [323072]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Política de Grupo.) -- C:\Windows\System32\gpsvc.dll [1308160]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [1063424]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [914432]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [109568]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [107008]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [1212928]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [70656]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [225280]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [326656]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [81408]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [339456]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Serviço de Estrutura de Localização do Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Serviço Conta da Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1576960]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [50688]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gerenciador de Instalação de Dispositivo.) -- C:\Windows\System32\DeviceSetupManager.dll [201728]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Serviço Assistente de Conectividade de Rede da Microsoft.) -- C:\Windows\System32\ncasvc.dll [164352]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [101376]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [534528]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [223744]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [71680]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [433664]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll [306688]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [3463680]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de tela de fundo.) -- C:\Windows\System32\qmgr.dll [1017856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [629760]
~ Services: 34 Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.B5998562E394D9DB672D012D4E670790] [SPRF][14/02/2015] (.No owner - Aut2Exe.) -- C:\Users\emle\Desktop\AdwCleaner.exe [2112512]
[MD5.EFDB4567FCC3FA2727AC91CD9E9689A9] [SPRF][14/02/2015] (.No owner - ZHPCleaner.) -- C:\Users\emle\Desktop\ZHPCleaner.exe [1681920]
[MD5.0BAE81DA68C9819081A03A3D4A18736B] [SPRF][15/02/2015] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\emle\Desktop\ZHPDiag2.exe [6875322]
[MD5.D7F97BF3F9DB7E547CFDA4089C3E4401] [SPRF][14/02/2015] (...) -- C:\Users\emle\Desktop\zoek.exe [1304576]
~ Files: 4 Scanned in 00mn 00s



---\\ Pesquisa de infeção Rogue (SRI) (O86)
O43 - CFD: 14/02/2015 - 22:41:04 - [0] ----D C:\ProgramData\cfb7e34302e345f9a579b07a7bc32829
~ Files: Scanned in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 11/03/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SS - | Demand 01/07/2013 822232 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
SS - | Demand 23/01/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 18/12/2014 28160 | (Updater) . (...) - C:\Users\emle\AppData\Local\Ap\Updater.exe
SS - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 23/09/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 13/11/2014 309048 | (DeskmediaService) . (.Positivo Informática.) - C:\Positivo\Deskmedia\DeskmediaService.exe
SR - | Auto 11/03/2014 282096 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe
SR - | Auto 01/07/2013 733696 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
SR - | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 15/10/2013 10240 | (psvxbmc) . (...) - C:\Fabricante\psvxbmc.exe
SR - | Auto 07/01/2015 30224 | (Stpro) . (...) - C:\Program Files (x86)\Stpro\Stpro.exe
SR - | Demand 22/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 23s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Run by emle at 15/02/2015 10:27:26
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Run by emle at 15/02/2015 10:27:29
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scâner Aditional (088)
Database Version : 13008 - (14/02/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKCU\Software\UpdateYTD] =>Adware.Boxore^
~ Additionnel Scan: 199843 Items scanned in 00mn 37s



---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Browser Helper Objects do navegador (02)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 3 Scanned in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Boxore
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CorsicaTechnologies
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.CrossRider
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Eorezo
~ MSI: 4 link(s) detected in 00mn 00s



End of the scan (1235 lines in 03mn 32s)(0.6)

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho abaixo e cole-o no espaço em branco do Zoek:

C:\ProgramData\SmartProtect\SmartProtect.exe;virustotal
C:\Users\emle\AppData\Local\Ap\MTResources\spdrmn.dll;virustotal
C:\Users\emle\AppData\Local\Ap\Updater.exe;virustotal
C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat;virustotal
C:\Fabricante\psvxbmc.exe;virustotal

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.

Faça também o seguinte:

 Selecione e copie todo o texto destacado em vermelho abaixo (começando em script zhpfix e indo até emptyclsid)

script zhpfix
SysRestore
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O23 - Service: Stpro service (Stpro) . (.No owner - AutoStart.) - C:\Program Files (x86)\Stpro\Stpro.exe
[MD5.3756AF3DECE011FEDEAFC929B56CBCDF] [APT] [94A46359-5537-4201-BEFD-1EC63DFD0943] (.Baidu Inc..) -- C:\ProgramData\Baidu Security\PC_Faster_Setup_Mini_GL16.exe [1108512]
[MD5.00000000000000000000000000000000] [APT] [DriverAssist.Autostart] (...) -- C:\Program Files\DriverAssist\DriverAssist.exe (.not file.) [0]    
[MD5.00000000000000000000000000000000] [APT] [DriverAssist.Scanning] (...) -- C:\Program Files\DriverAssist\DriverAssist.exe (.not file.) [0]    
[MD5.00000000000000000000000000000000] [APT] [DriverAssist.ScanningFull] (...) -- C:\Program Files\DriverAssist\DriverAssist.exe (.not file.) [0]  
[MD5.00000000000000000000000000000000] [APT] [XQPMJO] (...) -- C:\ProgramData\29d766ff52c04ce0a51e1dbf5224735d\29d766ff52c04ce0a51e1dbf5224735d.exe (.not file.) [0]
[HKCU\Software\AppDataLow\Software\CheckMeUp]
[HKCU\Software\Baidu Security]    
[HKCU\Software\UpdateYTD]   =>Adware.Boxore
[HKLM\Software\Baidu Security]    
[HKLM\Software\Wow6432Node\Baidu Security]    
[HKLM\Software\Wow6432Node\Ssearch]
[HKLM\Software\Wow6432Node\baidu]    
O43 - CFD: 11/02/2015 - 19:11:28 - [] ----D C:\Program Files (x86)\Baidu Security    
O43 - CFD: 14/02/2015 - 15:44:49 - [] ----D C:\Program Files (x86)\Stpro
O43 - CFD: 15/02/2015 - 10:13:09 - [] ----D C:\ProgramData\Baidu    
O43 - CFD: 15/02/2015 - 10:14:05 - [] ----D C:\ProgramData\Baidu Security    
O43 - CFD: 14/02/2015 - 22:41:04 - [0] ----D C:\ProgramData\cfb7e34302e345f9a579b07a7bc32829
O43 - CFD: 14/02/2015 - 22:41:06 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAssist   
O43 - CFD: 15/02/2015 - 10:13:09 - [] ----D C:\Users\emle\AppData\Roaming\Baidu    
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/02/2015 - 18:07:15 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_Kernel_webTinst_01009.Wdf [0]   =>PUP.CorsicaTechnologies
O44 - LFC:[MD5.1EB97859CAB65EDF0B0059DB2136559B] - 15/02/2015 - 08:09:11 ---A- . (.Baidu, Inc. - Baidu Antivirus BdSandboxDll.dll.) -- C:\Windows\System32\BdSandboxDll64.dll [418336]
O45 - LFCP:[MD5.2F5F8355C9D8C9EB29EFF05AC32FE8C3] - 11/02/2015 - 18:02:26 ---A- - C:\Windows\Prefetch\INS_IWEBAR.EXE-B20A1C82.pf   =>PUP.CrossRider
O45 - LFCP:[MD5.248F3C5C81AEEC2D8B4D1AB2F8694710] - 14/02/2015 - 16:52:15 ---A- - C:\Windows\Prefetch\SOFTWAREUPDATER.EXE-F9554656.pf   =>PUP.Eorezo
O61 - LFC: 10/02/2015 - 10:26:08 ---A- . (...) -- C:\Users\emle\AppData\Local\Temp\nsk641E.tmp\InstallUtility.dll [1087520]
O61 - LFC: 10/02/2015 - 10:26:08 ---A- . (.Baidu, Inc..) -- C:\Users\emle\AppData\Local\Temp\nsk641E.tmp\log.dll [96256]
O61 - LFC: 10/02/2015 - 10:26:08 ---A- . (.Baidu, Inc..) -- C:\Users\emle\AppData\Local\Temp\~nsu.tmp\Au_.exe [1094680]
O61 - LFC: 10/02/2015 - 10:26:08 ---A- . (.www.baidu.com.) -- C:\Users\emle\AppData\Local\Temp\nsk641E.tmp\nsSkinEngineW.dll [604192]
O61 - LFC: 15/02/2015 - 10:26:08 ---A- . (...) -- C:\Users\emle\AppData\Local\Temp\nsh697D.tmp\System.dll [11264]
O61 - LFC: 15/02/2015 - 10:26:08 ---A- . (...) -- C:\Users\emle\AppData\Local\Temp\nsk641E.tmp\System.dll [11264]
O43 - CFD: 14/02/2015 - 22:41:04 - [0] ----D C:\ProgramData\cfb7e34302e345f9a579b07a7bc32829
SR - | Auto 07/01/2015 30224 | (Stpro) . (...) - C:\Program Files (x86)\Stpro\Stpro.exe
[HKCU\Software\UpdateYTD]   =>Adware.Boxore^
ShortcutFix
EmptyTemp
EmptyFlash
emptyclsid
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.

Nota: Esse script foi elaborado somente para este computador, de acordo com os arquivos e chaves presentes.

Aos visitantes: Se estiverem com um problema semelhante, não utilizem esse script, pois o uso sem supervisão pode causar danos ao sistema.